www.opovo.com.br Open in urlscan Pro
2606:4700:3033::ac43:cb93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://opovo.com.br.eu2.cas.ms/
Effective URL:
https://www.opovo.com.br/
Submission Tags: krdtest
Submission: On May 01 via api (May 1st 2021, 2:22:55 am UTC) from JP

Summary HTTP 314 Redirects Links 101 Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 41 domains to perform 314 HTTP transactions. The main IP is 2606:4700:3033::ac43:cb93, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.opovo.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2020. Valid for: a year.

This is the only time www.opovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.157.233.49 52.157.233.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2606:4700:303... 2606:4700:3033::ac43:cb93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1 91	2606:4700:303... 2606:4700:3033::6815:3a6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
7	65.9.69.197 65.9.69.197	16509 (AMAZON-02) (AMAZON-02)
13	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:210... 2600:9000:2104:5e00:12:c12e:4e80:93a1	16509 (AMAZON-02) (AMAZON-02)
15	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.156.216 35.244.156.216	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f03f:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.84.52 65.9.84.52	16509 (AMAZON-02) (AMAZON-02)
2	34.68.90.188 34.68.90.188	15169 (GOOGLE) (GOOGLE)
10	34.228.251.145 34.228.251.145	14618 (AMAZON-AES) (AMAZON-AES)
1 5	13.224.106.54 13.224.106.54	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:ba00:1f:f9d:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20c... 2600:9000:20c8:cc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.84.103 65.9.84.103	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f13... 2a03:2880:f13f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.106.12 13.224.106.12	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:e200:5:2362:a880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 9	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
9 12	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6 12	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
1	34.234.140.75 34.234.140.75	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
3	188.138.33.34 188.138.33.34	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	35.223.116.65 35.223.116.65	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:100:a005::d 2620:100:a005::d	19750 (AS-CRITEO) (AS-CRITEO)
314	62

1 52.157.233.49 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

opovo.com.br.eu2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:cb93 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 2606:4700:3033::6815:3a6d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.69.197 (United States)

ASN16509 (AMAZON-02, US)

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:5e00:12:c12e:4e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
58e2acf83643c74b737b9701b15829f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.156.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.156.244.35.bc.googleusercontent.com

api.nobeta.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03f:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.52 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.68.90.188 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 188.90.68.34.bc.googleusercontent.com

forms.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.228.251.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-251-145.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.106.54 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-54.mad50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:ba00:1f:f9d:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

geoip.canais.uol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:cc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.103 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f13f:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-12.mad50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:e200:5:2362:a880:93a1 (United States)

ASN16509 (AMAZON-02, US)

noticias.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.62 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.116 (Ketsch, Germany)

ASN24940 (HETZNER-AS, DE)

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.140.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-140-75.compute-1.amazonaws.com

msgws.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.164 (Ketsch, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.150 (Ketsch, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.138.33.34 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: loft9037.serverprofi24.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a005::d (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	opovo.com.br 2 redirects opovo.com.br www.opovo.com.br	762 KB
61	googlesyndication.com dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 58e2acf83643c74b737b9701b15829f6.safeframe.googlesyndication.com	344 KB
35	doubleclick.net 9 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	308 KB
24	webspectator.com wfpscripts.webspectator.com webservices.webspectator.com msgws.webspectator.com cdn.webspectator.com	124 KB
15	redintelligence.net 3 redirects hal9000.redintelligence.net hal900012.redintelligence.net hal90006.redintelligence.net hal90008.redintelligence.net	29 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com	11 KB
11	google.com adservice.google.com www.google.com	844 B
10	googletagservices.com www.googletagservices.com	330 KB
9	adnxs.com 5 redirects ib.adnxs.com	9 KB
7	cloudfront.net d335luupugsy2.cloudfront.net	112 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	5 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	68 KB
4	google-analytics.com www.google-analytics.com	54 KB
3	contentspread.net cdn.contentspread.net	146 KB
3	criteo.com bidder.criteo.com gum.criteo.com	442 B
3	google.de www.google.de adservice.google.de	1 KB
3	rdstation.com.br forms.rdstation.com.br pageview-notify.rdstation.com.br popups.rdstation.com.br	40 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	criteo.net static.criteo.net	51 KB
2	facebook.com www.facebook.com	650 B
2	cloudflare.com cdnjs.cloudflare.com	18 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	facebook.net connect.facebook.net	97 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	146 KB
2	navdmp.com tag.navdmp.com	9 KB
2	googletagmanager.com www.googletagmanager.com	72 KB
1	twitter.com analytics.twitter.com	662 B
1	advertising.com adserver-us.adtech.advertising.com	193 B
1	creativecdn.com prebid-us.creativecdn.com	178 B
1	uol.com.br noticias.uol.com.br	1 KB
1	2mdn.net s0.2mdn.net	72 KB
1	t.co t.co	457 B
1	quantcount.com rules.quantcount.com	428 B
1	uol.com geoip.canais.uol.com	423 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	nobeta.com.br api.nobeta.com.br	12 KB
1	google.se adservice.google.se	799 B
1	jsuol.com.br c.jsuol.com.br	49 KB
1	googleoptimize.com www.googleoptimize.com	36 KB
1	cas.ms opovo.com.br.eu2.cas.ms	834 B
314	41

	Domain	Requested by
92	www.opovo.com.br	www.opovo.com.br
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com opovo.com.br.eu2.cas.ms googleads.g.doubleclick.net tpc.googlesyndication.com
23	pagead2.googlesyndication.com	www.opovo.com.br dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com opovo.com.br.eu2.cas.ms googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	www.opovo.com.br securepubads.g.doubleclick.net opovo.com.br.eu2.cas.ms www.googletagservices.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
12	wfpscripts.webspectator.com	www.opovo.com.br webservices.webspectator.com
10	www.googletagservices.com	securepubads.g.doubleclick.net api.nobeta.com.br dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com opovo.com.br.eu2.cas.ms
10	webservices.webspectator.com	wfpscripts.webspectator.com webservices.webspectator.com
9	ib.adnxs.com	5 redirects s0.2mdn.net googleads.g.doubleclick.net
9	www.google.com	securepubads.g.doubleclick.net www.opovo.com.br dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com opovo.com.br.eu2.cas.ms
7	d335luupugsy2.cloudfront.net	www.opovo.com.br d335luupugsy2.cloudfront.net
6	googleads.g.doubleclick.net	dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com opovo.com.br.eu2.cas.ms
5	sb.scorecardresearch.com	1 redirects wfpscripts.webspectator.com www.opovo.com.br
4	hal90008.redintelligence.net	1 redirects dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com hal90008.redintelligence.net
4	hal90006.redintelligence.net	1 redirects dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com hal90006.redintelligence.net
4	hal900012.redintelligence.net	1 redirects dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com hal900012.redintelligence.net
4	dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.contentspread.net	hal900012.redintelligence.net hal90006.redintelligence.net hal90008.redintelligence.net
3	hal9000.redintelligence.net	dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
3	ajax.googleapis.com	webservices.webspectator.com hal900012.redintelligence.net hal90008.redintelligence.net
3	mcasproxy.azureedge.net	opovo.com.br.eu2.cas.ms mcasproxy.azureedge.net
2	static.criteo.net	s0.2mdn.net static.criteo.net
2	bidder.criteo.com	s0.2mdn.net static.criteo.net
2	www.google.de	www.opovo.com.br
2	www.facebook.com	www.opovo.com.br
2	cdnjs.cloudflare.com	d335luupugsy2.cloudfront.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	opovo.com.br.eu2.cas.ms connect.facebook.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	tag.navdmp.com	www.opovo.com.br api.nobeta.com.br
2	fonts.googleapis.com	www.opovo.com.br
2	www.googletagmanager.com	www.opovo.com.br
2	opovo.com.br	2 redirects
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	gum.criteo.com	static.criteo.net
1	cdn.webspectator.com	wfpscripts.webspectator.com
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	analytics.twitter.com	static.ads-twitter.com
1	58e2acf83643c74b737b9701b15829f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	msgws.webspectator.com	wfpscripts.webspectator.com
1	adserver-us.adtech.advertising.com	s0.2mdn.net
1	prebid-us.creativecdn.com	s0.2mdn.net
1	pixel.quantserve.com	www.opovo.com.br
1	noticias.uol.com.br	c.jsuol.com.br
1	vars.hotjar.com	static.hotjar.com
1	s0.2mdn.net	api.nobeta.com.br
1	t.co	www.opovo.com.br
1	script.hotjar.com	static.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	geoip.canais.uol.com	c.jsuol.com.br
1	secure.quantserve.com	wfpscripts.webspectator.com
1	forms.rdstation.com.br	d335luupugsy2.cloudfront.net
1	static.hotjar.com	www.opovo.com.br
1	static.ads-twitter.com	www.opovo.com.br
1	api.nobeta.com.br	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	adservice.google.se	securepubads.g.doubleclick.net
1	c.jsuol.com.br	www.opovo.com.br
1	www.googleoptimize.com	www.opovo.com.br
1	www.gstatic.com	www.opovo.com.br
1	opovo.com.br.eu2.cas.ms
314	64

This site contains links to these domains. Also see Links.

Domain
mais.opovo.com.br
radios.opovo.com.br
fortaleza.novabrasilfm.com.br
fdr.org.br
www.populares.com.br
www.anuariodoceara.com.br
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
adorofutebol.com.br
assine.opovo.com.br
opovo.com.br
especiais.opovo.com.br
people.opovo.com.br
populares.com.br
empregosecarreiras.opovo.com.br
bpop.populares.com.br
compredopequeno.opovo.com.br
detectordemetal.net
www.blogdofariasjunior.com
blogs.opovo.com.br
agirbrasil.com.br
comunidadenerd.com.br
cosmonerd.com.br
www20.opovo.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 02	`2021-05-01` - `2022-04-26`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-12` - `2021-06-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2020-05-12` - `2021-07-11`	a year	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
api.nobeta.com.br GTS CA 1D2	`2021-03-04` - `2021-06-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
forms.rdstation.com.br R3	`2021-03-31` - `2021-06-29`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
geoip.canais.uol.com Amazon	`2020-08-05` - `2021-09-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdn.contentspread.net Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2021-07-08`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-09-06`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
popups.rdstation.com.br R3	`2021-03-19` - `2021-06-17`	3 months	crt.sh

This page contains 33 frames:

Primary Page: https://www.opovo.com.br/
Frame ID: 5E6890239FD75D893B3269420AC9EA07
Requests: 164 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Frame ID: E5D00E26A165A86D660DAA68B351BC26
Requests: 2 HTTP requests in this frame

Frame: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F484BEFAEE393C711DA36120C728091D
Requests: 12 HTTP requests in this frame

Frame: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BA581C8BD1B7EE9D22E1BFD61524FA3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVRfmwoMen0AnYXvE5tFYH6UovGuDXI4w3eoGv1sSxqvxmXfwZ7OY9AMuRyJDeWGEq9CEVd1Il0zj4nvf9Pm49BoHtOD43Tk9RCvrezYrb48jBy47BwkgSSfjBCpqYNEcc4icbZrhLsH_ZTYOtM4NkiGRFNlmzJLuITxeSX0BNE7LnLm-cP3200e6wuHLeR8S_3eKJY9rv7Z1bHwpmghNJgZ1NApj7fcLgp-eSlr4y-SC1GQJJcHS4SbiNibxDWOCt_JT3kxmfZa46tJ3sc-wTUPplPyWaF4LhPFyLfuhsYIktga7UZd0&sai=AMfl-YRimb8StDK4KIsoq1u079Kvz-42D8VKFsXVviwqJIAWd2JT10riUQGVQaGkmH2Gb430-4ciEQFIQn9vf98klITNjbdv19rBEdNS9jUl_zBsPU0zAsw3hRAHIgRUL38&sig=Cg0ArKJSzNosO4PC-pdtEAE&adurl=
Frame ID: A980D3DA413AF33D8D502C473997F604
Requests: 9 HTTP requests in this frame

Frame: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 008F8A2FF5BA6894E7878E1A374DD069
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAbseH7ZNzTrxO2vcdXfLBzXeY_uSfYqBBcPazljJHY420Qbtpym2Ig3CGVAsp-bVmY01j-N1oXd_fS3gxPeYXkqadtmpf-bWeMfj7MG03Uf5oS2q8wYq5n6DrnN1Dzs5t2Nq2TOkbCvfUCicyTskhUscdiH6bDcwQzW00O7BFiHEYsaiNhKof_dp74C8iDtQMJh1safb7d2o6tU7woH6RCWWzYp7tL_HWIkLHKQtPTxcxBpwqk8l0jizR4z2Wy7zHZwPR7BltTcVMav0IfxRMS-Z7Hj9VHA&sai=AMfl-YSr4nJZP_R4QYnFAn_IoLwKfywwZCMiL6LLN2B-VC_GzEtgsFNDnxNDuM-kB_yKY_-HFuH0ta5unI4rA2yvKGDDHSZ0LfuXvtiXgvsApHbhSaMH1JGnSLDv2GsO-lg&sig=Cg0ArKJSzMg2QpBfEuCIEAE&adurl=
Frame ID: F4FA73731D3613F218FA480C657C7952
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy-5cHCrMP79ACznp3ce3vqklKCkWD_mJ8QZd73dk1-9oU72ip6kQID4_Ep0l2Vmy20Qjhqk6Jr57SAZYE1l_f7emLm8LR1RPlRQG8KIPWA03tEPcRuMbaL9hs88Zu-P21RRDJ-v5g7-CxAK59PfHxUChAAGpK-d0TntTI95p3Og5NAz7cD5bxzax2dGEjvpBc4s0hzm6FO0N8D3QtfOv1meRQ3Nd7m4zeL5pASCgeMQO2LN2T_ghLNXQknbCSUkXisIwv3qOutRQ2JUoDd_zHL-YqQ409dw&sai=AMfl-YQ75nLNNt3e9F7lfLJOV0x9KcojO0ijlO6njG0ubPCjDBYm85OAUZOXlj-dBvxD0UId9-tndkfzWhhsjVmh-Hg6kOGjTj3AZXCywY9EUiu_OY81SRAdcsVL2r7NFDQ&sig=Cg0ArKJSzEo1yKYe4OZxEAE&adurl=
Frame ID: FEDB8B87E929114E5FD593B72A71C4B6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_E5wl1RV28PNzsNeMNi0QOrIyo_vvZ1us4Ji8jL3jRLDePjtPPsrrhOBSgi1vtvfbbDsAC4psv8idfmh0VthtZi5gYMDdc-xUVX5VAUVtrKoa4BezCHNe98eqdBsg9x5BppWbsRhins8YaAvbUxcf01s5wDfpVLhxgueVqstqKbIltM2RZh8Vxg8LJGSQHE9Fpvbfo3GJVxe-N1Mnakdp6tp3mIJGyHbZjrwVnbHbILjQpJ2pAv_tyFp7tVqI2jtrjAuQzHBTs6Q2955yiqRudbJNBg&sai=AMfl-YRZmroPAKhm_JHMR8WJtkgAIh7oj1ZetHtcoi7Yayh83NR7vKWd19WqkK-hFBFT5mQw6X_rW4YMIs62a7kyXg_aKXj0Qmaxk82I347B4RIBiDE_u_5Ubcun6JEO4Rw&sig=Cg0ArKJSzHLRGnPhOqu4EAE&adurl=
Frame ID: 0EC9ABD0304B01DB4D04EFB7A1C2CBE4
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMcUb_5OlH7dfBNPio1Zm3clCHYkGphDKEth76mTI-KrLsl2V9nzCy2DdiAvezaUOwwBKQEUZpd-RjqjiiP1mqV-1j1RNC9HLBp-rqeJVY4vPbpfBrlbT81rrZQCj97UVabgAI1vQR1AvBt_BvaLzZuUZwEchjeSTMHoJMtddT6jP6Qk5JA4yxf3gWD0bkM77Mzr1w46_wN3pE7H2pn66-pZmM3jBlPDbrMfP84iwHfGO9gsSquSGtr65AKIkodSVysTqyLvSyWng-dSelzQIuRjN6Zw&sai=AMfl-YRzKsDbSui6ooaKYW2joECgAeM6ubDZODMk5Lsi4G3hJFJhsxo5Zv-U6FCmpbKAF6WgkZnQmz3B52yJroFJW1-1qAmyEqnBqGZHIEBMjGIsjXbfbHFGlizwIhxsf6M&sig=Cg0ArKJSzO_duiBzb_IaEAE&adurl=
Frame ID: E7F0B961CA90F0B26A5D5D2163C66A16
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Frame ID: 7701CE10E522647EE4CE1AA75BF1C117
Requests: 22 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 0EC493FC9E40986808A1E44BD6148BC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNW-e7EEMsEd9kS2EBOaRwQdfB48WGM3q_Snu7h0OkgRyFTHFoUtOTPO9XT7RJw_5t9_a-KrfFOZsBbFiYelmus2XQ_OQ2AXaaMMIsxDWGLt9ziZ_aADme5KaHCPOv9ere8JMkqSbhXws500DMte_cAPVMsylm12RIxHCY0vVtfISQMeZjnVwrlm3HRoi3FSm0Gr3SHMAYJBQmeGT3_JlJZ3DPdRnQ
Frame ID: 951E506AC3E12FF3B697803A4ED2B68B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNUlxYYpOGWFIpA6w2pSfSnOcBIJxBQsRwx5yTmhZA3kZ6t5v7llvjfJCwg6gWar0qd9Te1H_yX6LbaqkA-s1zVMzgY78G9m10rgBr5MdM5X7o7BXy5UPbQXng9LkhBmSr6MAWUErBvHUKmdKDRHoIb11wyLoskisYYlMcO_ArOY5q3Aa8lZW-I1Gwss1Tm0nMG4tpO2xZz2toGOCIjB58yQU1OMOw
Frame ID: BED15AEDD5AEFC124D66340D3A2863E7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtZ9SaDhpqqBRqCFh0E4l2LWjtgCN5p7JRHTHYGSsXF3MzXQpJKjq-y24K4GUR-aoO3V_Sc0nVKotzudjakizZk-Znft0URauxn5wK4asm8EA4dUMIzBZFWrqpeBp1Ms83_4AK-0l56Fo_JWh0qHIuW1XIdA&cry=1&dbm_d=AKAmf-DwccYkhSNjNdlppQmLpir6vvAz1PPglgUBFb3qiwcupzgvuvM84s1lymVR3DMmn4memFbtCCgktRypyDKIuCLtWZwd8SNBA_XWjaj2SSkJbTYWdUamsMiy4Wcb9O0qGBCAcfqaeZgSayxeQUD5hL-r02LKDtxjxDn3REqpT-fCGJioDYzWSx2UmOFV21IeCnQYAbuIsbonstA0RuBUFbbYMU2RK98Sm2l0p0lzJQX2X2HTYsNCs9dC2n9lZStldwSAyFzv-lEd0KwRq8t5hQKXxzZmkk2OZZEMwNKPW8R9re8wIDUs_ICzOaC565PijQ4ujCH3kxkoUYCT9Tb1r5ixxeJIlUq_Aj9gL2sRSxH5ToO7g_iiNwet_Bt4u2lVHfV4g-ghgQlXGRDb-1FNX408LntfhddEMEprvnG46ld-hHLDjSXpERFzflTVi4H_i5s2bDzDrplMBhE-nopceiaS0I-A2mADLnLPR4He68WSlNE4HSwXI3qE16q_PohFyES-P3Ecs7n7yfZ6PwUx0mBiZ50wjbtx1POWOKxwnCDVm2Gog1tN1AqTADlTmHu24rCzttDbLsx_neeGvuPJthaZgCv-gId8nRNW9RnGng82pbyVD9FLDmkQV9QSm5t8wRuMHMYHx3YZmlS_KJO8BXlUIyDjV2LxyNJWDH8G1MnRsv0QGmleFzU8RA19a0XYqH4Ac2TRv3CaJ-AGiAAhpo1bW3Y2huGICsKZkrOWyYPS6SLuF-bK9ummlCT9QqZqF9zoePdJFDnKeNIRAra9Ow7eKm7zzETe22QrC3Iz76hnTzBWujvLSTXjqnIUAGzGPi5uerZB-9ttKaUuinHXIz9vAW_ZuIocuU1NFQU3WHzPThzV8L76f1wZKVI7ZaYXvYsVE3j-xa8KBr24Us-TAQSACmiD-_o1QbsESD7jZQU8lsGpcoWEm-5gFbQ2iLbnwG_HIYgxwpC33gekIhiVAy2FqGXDFlxU-pU2pih_vmKzJAL5QSHbZQMOKVd03f3SZCTpTLqRQ5U73iMjoH67423nAqs71nz2Bxq77hCFgC-LDlisnvkAxby92RMAkxc4my1s7nBe_m1jw8s2GLJ2KrTfUAX1nYoItDwPV3GK0DwbOzY-X5D8UkuAPBsbNWy0u-uNx6zj_4N92vPCDw5-FgfKD0D3mgL1ehIx5be_n5RHz5Q0F_10JjXU_oVTwI_JOtZ0UjkJ2B89Qm9-8WkfyI6LRSRxtFUTUfYzhFFAOTiOW5Nj42LBk762qseg_BYsfVg6epdejUBq-mYULsnfS-NkyijhWHctKbc_kDJPRNXKRcy7Fh_p0vsuLZjSa0UQ7f8WLNVIiCjSBJJ6ZBvNP3ik7iCd0pv7bjliqNCQt-Lz49dXrbFukjmhObyeW_0Ur-TNxTrIE2urnTvy89JQbU_Nm5-s1O-sndKP9TUs-1VpXuHv5u4REFbSGOmv4qGs94EcpLVmtA2OFeRza36i2nX-HSWZsQPCJt0Wpg9OFOtcUwj29C30Hj8T0PQbpFofGS5KxN6p_SxZ-vZ8cDOnQKGNGbrrZDSej_u7EqK24Kx-InT7CoeTB-OEi0h47Qucdz0U-25I4aS3Fd8m0olqfb-4YVzxmCOepFAo5v3veDJtqyCfrEYQ1XhUqQq2i-0UHCKqxpLGKdbcNrBliPb_A1X-6JcEkYRYftYMiV1l76gibxk7ImLn3JGaxofPdTchsPnZzJEymApl4lfS4m-1AfRiIrkdwD7UwJt5SMcOh2YafPzc3IGQg0kMVO_zPkdZW2SAQnTNy0ZTsdVf0iK7925RZoH_g90c7Xlk3H6kTxwu6B2HKpaku261jqyJFbSkt7NGl5HkTPBcInFlG-9COtADbUQCDVz2V6mOAyaTb7OV5KbqM4RbJC6hBjuxfzllWpfWbVeZjRpmAAT_AxK5SA4B-7v_tNWJut91_i5ypPSf8WlCL5ETJfffueZqptlXLyAvMQh5qLoeTwbvai1awp4Jg_VbX2jRA5hnC3ko5egFtSZKRsd0C-53tZMy5NgW3NlheBLhzpZ31JcE7IF4lPJaWBCTmv2upkErGyrvkAbk_iYWETN3HOWdf-X46sStiw4OpiW091KjyfXVgUdc9oQVoupMlNH620D7KF9JXJHzntP9RiFmOzg-HHCyRogspsH4vQdp13xAhByavn2LxC1X1dS8b9IcT-g8m8JsY5rHAQM8fVz9v2-6r1dCGSy56KWqCcKwRGsGEXasQrkFbzFJOewIJ7c4rK7t0xbhHWS8_Mxf3foWLM-fkDJlCujecKdJ0tvuWYd_YIrvLJ9ObsNCb7TQ1Eyth3oFVYKa8QXZW_AHPX5g_VYpMaIu24wKvuKy4mktPkMPgBHsDhMBCn-p77C8q3lgUrylb2J0jEw5SHk7yBpwKliDN4dBPuJxIWA4z02br-k3I5sMghGoR_-ljSDiTdZ9WqnS-iyUa8-JuX1K8QCgn8L09nsXNPPfMmeRJcPCRovj6PYxtWqK0D_Pu4HgtI5IcQLg4cImal_-WRijnz9TNoBLoHZeotjsVwUseuIOV24C32B3ZrpyO94gylOG7sTVH56gkgUt5UYWTRIpGHYqpMNBZElfW7Tg-N4E6nRGpq_C3yDxZKFh-Qq-8nYpTBs3p75_WQFkX0ZVs79urWI31SExH4HZpRk-lZNoBs7_xUo6JL6bLpqL1jiUOHXCXvRbxN7wuxz8UqvBLsIcEq8GQm68cvc4re5oAfD-ANyMVh8Vt38UhEEcZ3AfpSXLK2YTronoVJgEiSAyeEeC4gE4t-JMeyFJHKrEuf5h_-FSqV-iiCCDA0KKRnPiFs_UtrlydD-2fXAOq50Ymbford2qv3-eWs06LIcDSDtjbx5-mxty06bEFXF7PODg1dNvDssQEyLE4vpCeiZi2awRZjGYlNmqH4qcXE2Ro5Brv9uPY3jbQZ117twykQZRq-rmHw8p-cpsedOiSDtDst7RKAOd7uzGqR06F5EDYVZqOL9afPiV8OxksPN_0SDadX9hUlD-RjYk6s9EI-HlsuKxlRz32-P2xfzLnMw4s-MQhOoJgC7bSvNCbxmCbNZv_3OLe9W-MyrCyOYiEADBzQZa2ep-tH5peh_UC6kiBuaBjwhYYtQ8o_AXImPBVpnmu43Ce7q1LNZPPWykee_AEV367snbt2huk6EnuYUtwGVEfEig&cid=CAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw&rfl=2%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240
Frame ID: 4DE86E010C56B282332D513A92914970
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVd1VysexoQNR5pzKnXxqmliuTh0-ydqIVBPjK6Z5vNJ53krnSHNFzgZjPVSeTpAsyATnE33SRkWYsRPihaY8-twaL4nfF_vVAfGOaMLRtKH9Hj6OM_1A-v5abjSTeCmWWqAxOkoT7mOJiZOtdvxitEAnvzRdrlsMROzV1xUIr8I9BgKr7xw0iO1aQ7GeRaruXk-ATSPnphrJPHfbF0TmDiCN0W7g
Frame ID: DDA6C84946157FE7DD0313BC6C5DBE5D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0D122C8BB010BE66001042C6647AE766
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C44FBAB831893D59CD736261B99F94A4
Requests: 3 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=5675027261&eci=138347231030&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=0
Frame ID: EAE5735831C461E1E69B52CD727DD230
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/25&eolid=5677262793&eci=138348173431&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Frame ID: 1D1ECF6DF9AD24398DE7F6148CE842B5
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5677639880&eci=138347601690&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Frame ID: 694776AA89EBCCBD45685FEAC14ED6AE
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Frame ID: EA01BFD99CBFD2B7C5D01ADFAB9027AD
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: DCFA0B9E6A0B92FCC81E6CECCDCF1F06
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374755&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Frame ID: DC7A27746437CB20F59FB0493DF8E4B2
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Frame ID: 52463D2675A7786BD58D99F069961ECC
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: B759488416B1B1630ED97F823069B951
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C09B0405ABFDBE3866D83F2FAC82D681
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FF539F057C866AF87DEC680821F1E443
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=40650600012381000044684011581012&a=b0fac3e9
Frame ID: C2A9C14337B614BE65728EC21263C48A
Requests: 5 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=89790600014696800044682011581006&a=3b12abbd
Frame ID: 3E98033DDE677321E3619D11B2BBD4DF
Requests: 4 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=95190200015610300044682011581008&a=b1417f31
Frame ID: D17406BC6A8BC615D0DC62404D313BA2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BE8BA1776BD58AF5277C2554BE5F5E09
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.opovo.com.br
Frame ID: 67371782FE08D84E2ADC61C6C1C95A42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://opovo.com.br.eu2.cas.ms/ Page URL
https://opovo.com.br/ HTTP 301
https://www.opovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

314
Requests

100 %
HTTPS

57 %
IPv6

41
Domains

64
Subdomains

62
IPs

6
Countries

3033 kB
Transfer

7081 kB
Size

3
Cookies

101 Outgoing links

These are links going to different origins than the main page.

URL: https://mais.opovo.com.br/jornal
Title: Jornal O POVO

Search URL Search Domain Scan URL

URL: http://radios.opovo.com.br/opovocbn/
Title: O POVO/CBN

Search URL Search Domain Scan URL

URL: http://fortaleza.novabrasilfm.com.br/
Title: NovaBrasil FM

Search URL Search Domain Scan URL

URL: http://fdr.org.br/tvopovo/
Title: Canal FDR

Search URL Search Domain Scan URL

URL: http://www.populares.com.br/
Title: Populares

Search URL Search Domain Scan URL

URL: http://www.anuariodoceara.com.br/
Title: Anuário do Ceará

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OPOVOOnline
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/opovoonline?lang=pt
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opovoonline/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCj-RTZE-V3Q6jleatRR9k2A
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/opovoonline/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://adorofutebol.com.br/
Title: Tabelas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/
Title: op+

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/?utm_source=home&utm_medium=orange&utm_campaign=colors_test
Title: ASSINE

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/
Title: Notícias

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/politica
Title: Política

Search URL Search Domain Scan URL

URL: https://opovo.com.br/noticias/checagemopovo/
Title: Checagem O POVO

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/mundo/
Title: Mundo

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/fortaleza/
Title: Fortaleza

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/saude/
Title: Saúde

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/economia/
Title: Economia

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/tecnologia/
Title: Tecnologia

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/brasil/
Title: Brasil

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/curiosidades/
Title: Curiosidades

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/ceara/
Title: Ceará

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/
Title: Esportes

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/
Title: Futebol

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/times/fortaleza
Title: Fortaleza

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/times/ceara
Title: Ceará

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes/futebol/times/cearenses/
Title: Cearenses

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes/futebol/copadomundo/
Title: Copa do Mundo

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/maisesportes
Title: Mais Esportes

Search URL Search Domain Scan URL

URL: http://opovo.com.br/divirtase/
Title: Divirta-se

Search URL Search Domain Scan URL

URL: http://opovo.com.br/vidaearte/
Title: Vida & Arte

Search URL Search Domain Scan URL

URL: https://opovo.com.br/blogs/
Title: Blogs

Search URL Search Domain Scan URL

URL: http://especiais.opovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: http://people.opovo.com.br/
Title: People

Search URL Search Domain Scan URL

URL: http://populares.com.br/
Title: Classificados Populares

Search URL Search Domain Scan URL

URL: http://empregosecarreiras.opovo.com.br/
Title: Empregos e Carreiras

Search URL Search Domain Scan URL

URL: https://opovo.com.br/falecomagente/
Title: Fale com a gente

Search URL Search Domain Scan URL

URL: http://bpop.populares.com.br/
Title: BPOP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OPOVOOnline/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/opovoonline/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opovoonline/?hl=pt
Title: Instagram

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas
Title: Colunistas

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/
Title: Assine e tenha acesso a uma nova experiência multistreaming.

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/plinio-bortolotti/2021/04/30/vacina--bateram-a-carteira-dos-meus-direitos.html
Title: Plínio Bortolotti Vacina: bateram a carteira dos meus direitos

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/fernando-graziani/2021/04/29/com-incendios-e-falta-de-manutencao--conmebol-se-assusta-com-situacao-do-castelao.html
Title: Fernando Graziani Conmebol se assusta com situação do Castelão, com incêndios e sem manutenção

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/clovis-holanda/2021/04/29/paulo-guedes-devia-conhecer-a-seresta-do-raimundo-do-queijo.html
Title: Clovis Holanda Paulo Guedes devia conhecer a seresta do Raimundo do Queijo

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/zenilce-bruno/2021/04/30/inquietacao-desejante.html
Title: Zenilce Bruno Inquietação desejante

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/jocelio-leal/2021/04/30/loja-leva-torcida-por-juliette-para-a-fachada-em-shopping.html
Title: Jocélio Leal Loja leva torcida por Juliette para a fachada em shopping

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/regina-ribeiro/2021/04/29/o-que-significa-para-nos--fortalezenses--um-carro-na-sala.html
Title: Regina Ribeiro O que significa para nós, fortalezenses, um carro na sala

Search URL Search Domain Scan URL

URL: https://compredopequeno.opovo.com.br/
Title: Clique e conheça

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/30/ha-200-anos-morria-napoleao--o-homem-que-mudou-o-mundo-e--sem-querer--transformou-o-brasil.html
Title: REPORTAGEM Há 200 anos morria Napoleão, o homem que mudou o mundo e, sem querer, transformou o Brasil

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/economia/2020/12/28/assinantes-o-povo-mais-ganham-descontos-em-mais-de-60-servicos-no-clube-op+.html
Title: CLUBE OP+ Assinantes O POVO têm descontos em serviços

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/
Title: JORNAL

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/cidades/2021/04/29/dois-milhoes-de-brasileiros-em-idade-de-alfabetizacao-se-afastam-da-escola-na-pandemia.html
Title: Dois milhões de brasileiros em idade de alfabetização se afastam da escola na pandemia

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/politica/2021/04/30/troca-de-farpas-entre-rc-e-girao-comeca-a-esquentar-corrida-para-2022.html
Title: Troca de farpas entre RC e Girão começa a esquentar corrida para 2022

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/politica/2021/04/30/biden-100-dias--a-guinada-de-volta-a-normalidade.html
Title: Biden 100 dias: a guinada de volta à normalidade

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagensespeciais/
Title: REPORTAGENS ESPECIAIS

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/23/as-estacoes-que-definem-o-ano-do-ceara.html
Title: As estações que definem o ano do Ceará

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/26/humor-e-critica--a-charge-sob-ataque.html
Title: Humor e crítica: a charge sob ataque

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/27/tecnologia-quer-proteger-produtores-de-conteudo-contra-o--copiar-e-colar.html
Title: Tecnologia quer proteger produtores de conteúdo contra o "copiar e colar"

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/
Title: SÉRIES E DOCS

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/memoria/walter-benjamin-2020/2020/09/27/walter-benjamin-e-asja-lacis--correspondencias.html
Title: Walter Benjamin e Asja Lacis: correspondências

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/flip/
Title: Assine e leia a Edição Digital do O POVO

Search URL Search Domain Scan URL

URL: https://opovo.com.br/noticias
Title: Notícias

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes
Title: Esportes

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/esportes/2021/04/30/a-espera-de-novo-treinador--fortaleza-enfrenta-caucaia-no-reinicio-do-cearense.html
Title: Estadual de volta À espera de novo treinador, Fortaleza enfrenta Caucaia no reinício do Cearense

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/esportes/2021/04/30/sem-alarde--campeonato-cearense-recomeca-neste-fim-de-semana.html
Title: Sem alarde, Campeonato Cearense recomeça neste fim de semana

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/esportes/2021/04/30/ceara-e-bahia-se-reencontram-hoje-no-1---jogo-da-final-da-copa-do-nordeste.html
Title: Dia de decisão {/if} Ceará e Bahia se reencontram hoje no 1º jogo da final da Copa do Nordeste Vovô e Esquadrão entram em campo hoje, às 16 horas, no estádio Pituaçu para a partida de ida da decisão. Alvinegro e Tricolor decidiram a Lampions na temporada passada — vencida pelos cearenses

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/04/30/feijoada-faz-sucesso-no-delivery-e-ganha-novas-versoes.html
Title: delivery {/if} Feijoada faz sucesso no delivery e ganha novas versões

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/04/30/confira-a-agenda-cultural-do-primeiro-fim-de-semana-de-maio.html
Title: Confira a agenda cultural do primeiro fim de semana de maio

Search URL Search Domain Scan URL

URL: https://detectordemetal.net/forcaos-confirma-edicao-para-marco-e-inscricoes-vao-ate-10-de-fevereiro/
Title: Detector de Metal ForCaos confirma edição para março, confira inscrições

Search URL Search Domain Scan URL

URL: http://www.blogdofariasjunior.com/2021/02/conheca-as-nove-infracoes-de-transito.html
Title: Blog do Farias Junior Conheça as infrações que não irão mais gerar pontos negativos na CNH

Search URL Search Domain Scan URL

URL: https://blogs.opovo.com.br/tomodachinerds/2021/02/01/filme-macross-delta-zettai-live-ganha-novo-trailer/
Title: Tomodachi Nerd's Filme Macross Delta ganha novo trailer

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/energialimpa
Title: Energia Limpa: o Ceará contribuindo para o futuro energético sustentável do planeta

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/borboletas/
Title: EXPEDIÇÃO BORBOLETAS

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/violencianainternet/
Title: Violência na Internet

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/osvoosderuediger/
Title: Os voos de Ruediger

Search URL Search Domain Scan URL

URL: https://agirbrasil.com.br/
Title: Vamos agir - novos rumos, novas soluções

Search URL Search Domain Scan URL

URL: https://people.opovo.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/04/18/mulheres-que-gestam-a-terra.html
Title: Mulheres que gestam a terra: escritoras indígenas cartografam vivências femininas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/03/28/a-casa-no-isolamento--dicas-para-redescobrir-o-conforto-no-lar.html
Title: A casa no isolamento: dicas para redescobrir o conforto no lar

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/03/14/o-prazer-do-texto.html
Title: O prazer do texto: escrita como arte, ofício e memória

Search URL Search Domain Scan URL

URL: https://comunidadenerd.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://cosmonerd.com.br/listas/6-motivos-para-assistir-cidade-invisivel-na-netflix/
Title: Cidade Invisível | 6 motivos para assistir a série brasileira na Netflix

Search URL Search Domain Scan URL

URL: https://cosmonerd.com.br/filmes/critica/mulher-maravilha-1984-critica/
Title: Mulher-Maravilha 1984 l Um filme para aquecer o coração

Search URL Search Domain Scan URL

URL: https://comunidadenerd.com.br/literatura-e-hq/2020/08/9999157-turma-da-monica-e-jovens-titas-se-encontram-em-animacao-do-dc-fandome.html
Title: Turma da Mônica e Jovens Titãs se encontram no DC Fandome

Search URL Search Domain Scan URL

URL: https://empregosecarreiras.opovo.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/23/conexoes-humanas--em-tempos-digitais.html
Title: Conexões humanas em tempos digitais

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/23/educar-as-novas-geracoes.html
Title: Educar as novas gerações

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/16/os-caminhos-da-transformacao--digital.html
Title: Como seu negócio chama atenção?

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias
Title: Notícias

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/acervo/
Title: Acervo

Search URL Search Domain Scan URL

URL: http://assine.opovo.com.br/
Title: Assine

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/revistas/
Title: Lab282

Search URL Search Domain Scan URL

URL: http://fdr.org.br/
Title: FDR

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/hotsite/cartoes-o-povo/index.html
Title: Clube O POVO

Search URL Search Domain Scan URL

URL: http://opovo.com.br/
Title: O POVO Online

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://opovo.com.br.eu2.cas.ms/ Page URL
https://opovo.com.br/ HTTP 301
https://www.opovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png HTTP 301
https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png

Request Chain 169

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1619835761373&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1619835761373&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1

Request Chain 232

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIy7c.znvwRe6QTa9-WOKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

Request Chain 234

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1

Request Chain 236

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIy7c.znvwRe6QTa9-WOKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

Request Chain 238

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1

Request Chain 248

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIy7c.znvwRe6QTa9-WOKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

Request Chain 250

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

Request Chain 267

https://hal900012.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=4cc001b15e&subid=&uid=c47263a66f78cb56&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPM0LbruMYOCTMq-A7_UP-bmVQIGI4dRg-MSb09IM8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9CMpnUzGR9GmswRuaJYabdC3n7EGDJKgwMKVqKTy_kpi6BdDfScPY4d_c8I-DAZo81UwSEsNJoXPXDnsd9CzIBKMGb_Goft3qf0NhLzuxMQDAwxztKQ8j7O8JU7CCAXoNhEwERPGgusSVScErxrn-te6jfjFxA2u0E-1QFvWJo0DaP7fUhoQMPYPwaP3Z2zBjgOLI95QgjEggfHgE1Gyx60in8rj8Bf461wxj-IVgDT5sirWpBlU8BcpVYEtUzYKldxWo8zvwohsGA8BECCfpTABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw%26sig%3DAOD64_2c-PTTzZoGvHPM9xowku7WXZb_Fw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-ARuZUvyClPgaIHW_kYzBbkwH8IQwULTuURidGIOE41CpP7EmruUCjdeB-DxtsTduhdwW0h1keNmdpOpyNgDjTs5HbOG4yNOQV75k71dIY986G0MfgLJ5Y9Qy-qeBafiOkEGiiNdvWXHXdFs0qvrd88-e8PQQ%26cry%3D1%26dbm_d%3DAKAmf-CwuQ9Old1YNrJbAavPduYRKeigqeCcpbwtSmbLw-gwZH2YLv1wqyQzPJT1tVKbWzSJZCxuql2SAAI5N7LHWWdPxFAQ37BaZrTzsPgt_K6z021gAZd4_jVAYtiz5pCdyhMEoEfONCFyAKgIs-VcLGYt-TPB94Jt7clHL-kA54QcJxfSvpQkslT6D6yXjXue3K0yiAVi09XeCy3jElsT3nzF-sWyEKz8kWGczNGU-4AIGZl_qDCykm1kDfc1Mzn-nqfUk7fKg4-MU4BYvk5YmSIVcqDELqa8HzWpDqYJ05ssVv-r2OKc8nvH9k5SboHq9M6uUvHs4a0aYlvRReL40yxS6njzv4V4PtXVKSllqzPhiOIQVnFbli3wdG2z6aH0D1ELlTOMgfkRX2kdXD0GnLjMOlbqXWyiCNNVnwF5iV8nqvaqK42tBoTtW-eoaGm3koNKJ7Co%26adurl%3D&documentReferer=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=6879618782048&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=4cc001b15e&subid=&uid=c47263a66f78cb56&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPM0LbruMYOCTMq-A7_UP-bmVQIGI4dRg-MSb09IM8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9CMpnUzGR9GmswRuaJYabdC3n7EGDJKgwMKVqKTy_kpi6BdDfScPY4d_c8I-DAZo81UwSEsNJoXPXDnsd9CzIBKMGb_Goft3qf0NhLzuxMQDAwxztKQ8j7O8JU7CCAXoNhEwERPGgusSVScErxrn-te6jfjFxA2u0E-1QFvWJo0DaP7fUhoQMPYPwaP3Z2zBjgOLI95QgjEggfHgE1Gyx60in8rj8Bf461wxj-IVgDT5sirWpBlU8BcpVYEtUzYKldxWo8zvwohsGA8BECCfpTABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw%26sig%3DAOD64_2c-PTTzZoGvHPM9xowku7WXZb_Fw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-ARuZUvyClPgaIHW_kYzBbkwH8IQwULTuURidGIOE41CpP7EmruUCjdeB-DxtsTduhdwW0h1keNmdpOpyNgDjTs5HbOG4yNOQV75k71dIY986G0MfgLJ5Y9Qy-qeBafiOkEGiiNdvWXHXdFs0qvrd88-e8PQQ%26cry%3D1%26dbm_d%3DAKAmf-CwuQ9Old1YNrJbAavPduYRKeigqeCcpbwtSmbLw-gwZH2YLv1wqyQzPJT1tVKbWzSJZCxuql2SAAI5N7LHWWdPxFAQ37BaZrTzsPgt_K6z021gAZd4_jVAYtiz5pCdyhMEoEfONCFyAKgIs-VcLGYt-TPB94Jt7clHL-kA54QcJxfSvpQkslT6D6yXjXue3K0yiAVi09XeCy3jElsT3nzF-sWyEKz8kWGczNGU-4AIGZl_qDCykm1kDfc1Mzn-nqfUk7fKg4-MU4BYvk5YmSIVcqDELqa8HzWpDqYJ05ssVv-r2OKc8nvH9k5SboHq9M6uUvHs4a0aYlvRReL40yxS6njzv4V4PtXVKSllqzPhiOIQVnFbli3wdG2z6aH0D1ELlTOMgfkRX2kdXD0GnLjMOlbqXWyiCNNVnwF5iV8nqvaqK42tBoTtW-eoaGm3koNKJ7Co%26adurl%3D&documentReferer=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=6879618782048&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 268

https://hal90006.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=f49091f29e&subid=&uid=1687c655295cc35e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7pqRbruMYN-TMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBM4BT9BMSc-Tbd9nNZpPw1NQzXowBFnNaXo6f5z5PtAei8ksoiEdUGWruPqHO1o-5Qx4cw5q05U91KfFucZxggMQko1oZuLMACw5CavRhiS97sV2Zd6kyhg01EbFDg_tHvpotXHt_i6NaoSWBqDzI9CPcOr6zk6Wh3Suj6F3A1aS5fDnhSZ2vhlipjxiDIdmebUK2NaUzUunt5CSJ8dLtCyQR8ZyIudWIEcaONKPSMgdMRZh38JutVgSuZLv5XbJrHV9f_jnkVxHfzTGuJrhcwvABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg%26sig%3DAOD64_1MhaQ-rAZbt93CmJ2R92WvVc-UgQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Ag1f3Qx34JbVuBu5FuzQ9PiQiV_pW_7as60D6iAkrQVDhVs5qMYS5ct1tXa1QpgCtWB_ZFum9r9xUXPWQU0DSOz774baXmBR6g7MaJzWNYPwe156GEgq3IlkKcH6GrtIgAStJiFMiiY79jaZYYG-UcB-rMvA%26cry%3D1%26dbm_d%3DAKAmf-A1MXZmeDe7A0wZUkUKAMGWRMz08kqOch4DYyuSyFiBb7clW0EhMocPVsZk0tRaRCQBT0Y_tQd-3zido79lm8fbQKBuKPc4ZH0qn440sevOvbDRCVWQHT5naG8qKB2mZMD5KsZGB_DCZQXyX1_7PTuShVB9Y8jL619kvqjmVT_atu5pMFGCQpqB_-Mz3NZ1EJehmvELC11jnUTsffx4Z8AlyVUQsQaVSv-7LEylckSt4JZnsxosmj9i54f0-32DoJq5jnJ66JhtlcB47I1q_nuJnGVWa0AeTZLSqWAy_M489_XT0MU7_GaZ5Se4gGiFhsvR2TmL8xJryBcaiLhBocZ5iNVgQ6sUOr0Wp_8dUrxml4sX4Nv18gP9qEi12EkmR-oJlUUBhcslRWlh3SQJB8XkWWJ4p2dtIbogfrMqRNKBpumlHTn5BFkBYcNO5sj3dugFQdZZ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8639815311983&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal90006.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=f49091f29e&subid=&uid=1687c655295cc35e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7pqRbruMYN-TMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBM4BT9BMSc-Tbd9nNZpPw1NQzXowBFnNaXo6f5z5PtAei8ksoiEdUGWruPqHO1o-5Qx4cw5q05U91KfFucZxggMQko1oZuLMACw5CavRhiS97sV2Zd6kyhg01EbFDg_tHvpotXHt_i6NaoSWBqDzI9CPcOr6zk6Wh3Suj6F3A1aS5fDnhSZ2vhlipjxiDIdmebUK2NaUzUunt5CSJ8dLtCyQR8ZyIudWIEcaONKPSMgdMRZh38JutVgSuZLv5XbJrHV9f_jnkVxHfzTGuJrhcwvABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg%26sig%3DAOD64_1MhaQ-rAZbt93CmJ2R92WvVc-UgQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Ag1f3Qx34JbVuBu5FuzQ9PiQiV_pW_7as60D6iAkrQVDhVs5qMYS5ct1tXa1QpgCtWB_ZFum9r9xUXPWQU0DSOz774baXmBR6g7MaJzWNYPwe156GEgq3IlkKcH6GrtIgAStJiFMiiY79jaZYYG-UcB-rMvA%26cry%3D1%26dbm_d%3DAKAmf-A1MXZmeDe7A0wZUkUKAMGWRMz08kqOch4DYyuSyFiBb7clW0EhMocPVsZk0tRaRCQBT0Y_tQd-3zido79lm8fbQKBuKPc4ZH0qn440sevOvbDRCVWQHT5naG8qKB2mZMD5KsZGB_DCZQXyX1_7PTuShVB9Y8jL619kvqjmVT_atu5pMFGCQpqB_-Mz3NZ1EJehmvELC11jnUTsffx4Z8AlyVUQsQaVSv-7LEylckSt4JZnsxosmj9i54f0-32DoJq5jnJ66JhtlcB47I1q_nuJnGVWa0AeTZLSqWAy_M489_XT0MU7_GaZ5Se4gGiFhsvR2TmL8xJryBcaiLhBocZ5iNVgQ6sUOr0Wp_8dUrxml4sX4Nv18gP9qEi12EkmR-oJlUUBhcslRWlh3SQJB8XkWWJ4p2dtIbogfrMqRNKBpumlHTn5BFkBYcNO5sj3dugFQdZZ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8639815311983&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 271

https://hal90008.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=7718a882ff&subid=&uid=0ea908aeeb15ead0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC04yibruMYOGTMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9A2zeZoVKSM96QOdupmDmnmtHQfdx9HFXcxa-ah6XpK_c5tpLJulU0c0pvniwfWWSjsvYnwz9ssVSyaM6-KWFAHz8DeYqTNGywfUPzagqy8EYExsZzvjdY5FfHhGEsFeju247BCKOiPl16-H3Q0AhrKcaJBDe_J9ZGqctZ1YpHuJU6ckYfyCTU0FEp0HNJkig6nv7oEwSDQJ1HWDEA-EzIDzG2TjM87DL-Qhmg1OlwIGlEDKlN7elB7blnkUhdXWeM_YcgSDjrnDHHXxpodzFfABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q%26sig%3DAOD64_0cBdE0nDMgb2enG1DTlGXVLjNrlw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BtIA8yBvZsCg9df7Cato9w7-02hEeJEmbEe1_Xc6yKX_mLL1UhkdXbdhbHtCrazPndi8rISAeFPIWha5w5XwcIQ33nhUdnAojKIyAo7nUyAUyswt8JPne06JzRWO2ZX6b5Lk8vdYVTVMvpAORy-X_jzrTmTA%26cry%3D1%26dbm_d%3DAKAmf-BgpxGnPiD4OQpPQ0XyDfy9AjxrctnTLTpbJAC02yaJbrBXPput-i5tEMv-Eitu2jp3O2ad9lTaq6vnFXCXAfHKqXHYba3-7K6K7tCTfhk4junRTX6SyP6Wa_rN0-fqQZnEvL-uui0SQ2lvn2qlH0hc7hJklPl0Cu5XTi2_NDoLgE9U7SyfIZ09nH97adq1pKRj2CT-C8f7DNxQwPYnsl9zZfd2aLwb1AHwnEqDuwbyb_cmpPTLp92jxAsJzKoAJXxeg23xtQsu6wfP8QVX7Z7ian5IVEkTnGXEKDCE7NNmYJ5ZfxBQE8RsEBgi81sJ6G1dQzk45pDlEyExSF4LcLZ4kWKy8CgmqfTG1cumV5dIov-zm_Fw6J4I81bED2ZbDvMOMvs7NSHq6ciVYOFKT6JLHRcSqnr01KqZDcnrWjpdGC_yrwgCI2jJxz5ab7oIal1OfkxK%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=7152345628707&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=7718a882ff&subid=&uid=0ea908aeeb15ead0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC04yibruMYOGTMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9A2zeZoVKSM96QOdupmDmnmtHQfdx9HFXcxa-ah6XpK_c5tpLJulU0c0pvniwfWWSjsvYnwz9ssVSyaM6-KWFAHz8DeYqTNGywfUPzagqy8EYExsZzvjdY5FfHhGEsFeju247BCKOiPl16-H3Q0AhrKcaJBDe_J9ZGqctZ1YpHuJU6ckYfyCTU0FEp0HNJkig6nv7oEwSDQJ1HWDEA-EzIDzG2TjM87DL-Qhmg1OlwIGlEDKlN7elB7blnkUhdXWeM_YcgSDjrnDHHXxpodzFfABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q%26sig%3DAOD64_0cBdE0nDMgb2enG1DTlGXVLjNrlw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BtIA8yBvZsCg9df7Cato9w7-02hEeJEmbEe1_Xc6yKX_mLL1UhkdXbdhbHtCrazPndi8rISAeFPIWha5w5XwcIQ33nhUdnAojKIyAo7nUyAUyswt8JPne06JzRWO2ZX6b5Lk8vdYVTVMvpAORy-X_jzrTmTA%26cry%3D1%26dbm_d%3DAKAmf-BgpxGnPiD4OQpPQ0XyDfy9AjxrctnTLTpbJAC02yaJbrBXPput-i5tEMv-Eitu2jp3O2ad9lTaq6vnFXCXAfHKqXHYba3-7K6K7tCTfhk4junRTX6SyP6Wa_rN0-fqQZnEvL-uui0SQ2lvn2qlH0hc7hJklPl0Cu5XTi2_NDoLgE9U7SyfIZ09nH97adq1pKRj2CT-C8f7DNxQwPYnsl9zZfd2aLwb1AHwnEqDuwbyb_cmpPTLp92jxAsJzKoAJXxeg23xtQsu6wfP8QVX7Z7ian5IVEkTnGXEKDCE7NNmYJ5ZfxBQE8RsEBgi81sJ6G1dQzk45pDlEyExSF4LcLZ4kWKy8CgmqfTG1cumV5dIov-zm_Fw6J4I81bED2ZbDvMOMvs7NSHq6ciVYOFKT6JLHRcSqnr01KqZDcnrWjpdGC_yrwgCI2jJxz5ab7oIal1OfkxK%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=7152345628707&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

314 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
opovo.com.br.eu2.cas.ms/ 1006 B
834 B 197ms
59ms Document
text/html 52.157.233.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.157.233.49 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

8a8f27d5f642fbfe0360dd006fe85893f660355b21fa662e47a9a5e690f0bce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: opovo.com.br.eu2.cas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Sat, 01 May 2021 02:22:36 GMT
x-mcas-request-id: fa821cad05f5ed0bcdd77bbbdc084da6
expires: Mon, 01-Jan-1990 00:00:00 GMT
strict-transport-security: max-age=31536000
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/js/ 5 KB
5 KB 46ms
8ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-store-helper.min.js
Requested by: Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://opovo.com.br.eu2.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 01 May 2021 02:22:36 GMT
last-modified: Sun, 25 Apr 2021 09:30:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D907CCBCE49DA3
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: faf88c0d-801e-008c-5638-3a198f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=7973
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/html/ Frame E5D0 281 B
727 B 9ms
9ms Document
text/html 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovo.com.br.eu2.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovo.com.br.eu2.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Sun, 25 Apr 2021 09:26:20 GMT
etag: 0x8D907CC2FCC987A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e2cffc70-401e-00f7-5338-3a723f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=7968
date: Sat, 01 May 2021 02:22:36 GMT

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/0.199.30/js/ Frame E5D0 64 KB
65 KB 11ms
10ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 01 May 2021 02:22:36 GMT
last-modified: Sun, 25 Apr 2021 09:30:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: F1ttwOaWglR5SfRGFzgA5Q==
etag: 0x8D907CCBC9C8B7C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: faf88e04-801e-008c-0338-3a198f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=6684
x-ms-version: 2009-09-19
content-length: 66024

GET
H2

200

Primary Request / Show response
www.opovo.com.br/
Redirect Chain

https://opovo.com.br/?
https://www.opovo.com.br/

109 KB
24 KB

28ms
25ms

Document
text/html

2606:4700:3033::ac43:cb93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:cb93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c810c8e1ed2599c52f199db4b84574949c268f3b1c6ce0aebfc02d61b140ae3

Request headers

:method: GET
:authority: www.opovo.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://opovo.com.br.eu2.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovo.com.br.eu2.cas.ms/

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 01 May 2021 02:20:46 GMT
vary: Accept-Encoding
x-fivecom-rewrite-portal: home
cache-control: public, max-age=120, s-maxage=604800
x-varnish: 230884587 231473773
age: 24
via: 1.1 varnish-v4
x-ua-device: desktop
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-cache-status: HIT
cf-request-id: 09c7553b2300001f451986d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0h2HQjtgWQKLypOqckSoCBm%2BUvlZSVSk8A%2BshBr1MimFiygXWbVmROWfgr5Wd0emBg0aZMLYH5Jq2mmH8s3cZ9z46gsFOM9EN2MBW5bMcdIDGO1iEaYFrgLXCKXl"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64858b0b6a501f45-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 01 May 2021 02:22:37 GMT
content-type: text/html
set-cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756; expires=Mon, 31-May-21 02:22:36 GMT; path=/; domain=.opovo.com.br; HttpOnly; SameSite=Lax; Secure
location: https://www.opovo.com.br/
x-varnish: 230559213
age: 0
via: 1.1 varnish-v4
x-ua-device: desktop
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09c755386600001f45b723f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLzuJ%2BbrOKC3w3k9HI227%2F3AXfdw4UYvT4fsbS5SQ6nCU3ZDgO3Cym%2Fed%2BzM%2BNNxB%2BvHrAQRhAIqrdCHgQYvjWWPAiYXZ%2Buv3qYNszsYR4wyUJtjbyT7OMk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64858b070f491f45-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23310373-1

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be3a5c3e0b3ccf1f7a887960356fbded0e0095c214e28abe0b79f0514157c3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35841
x-xss-protection: 0
last-modified: Sat, 01 May 2021 00:18:43 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 May 2021 02:22:37 GMT

GET
H3-29 200 owl.carousel.min.css
www.opovo.com.br/includes/assets/online/geral/css/libs/ 3 KB
2 KB 35ms
13ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/libs/owl.carousel.min.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Request headers

:path: /includes/assets/online/geral/css/libs/owl.carousel.min.css
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198122
content-type: text/css
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553b9800004e8bd4a6b000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: W/"5d16257a-d1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cze1RWEXL1xV%2Fw62ty6lA0%2FRrnEnQjjXPeah46sSmOw0utUeo77ZD3g%2BOTwmE9FDu93CT%2BuypO9ha6PekkZPL3m51DM97QPaf52t%2F2UKbTl7Zw1mWiw8SIZ4UAEQ"}],"group":"cf-nel","max_age":604800}
x-varnish: 779194621
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0c2dd24e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 base.css
www.opovo.com.br/includes/assets/online/geral/css/ 126 KB
23 KB 42ms
28ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd822e612a9671c3105c5aeffccbc836004b4fb2b1fb703471de1cf8dfa3973

Request headers

:path: /includes/assets/online/geral/css/base.css
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 281466
cf-polished: origSize=163486
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553ba000004e8b16bc7000000001
last-modified: Tue, 20 Apr 2021 14:06:11 GMT
server: cloudflare
etag: W/"607edfd3-27e9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6UGaiaM3%2F2FQNtkbi%2FwL6%2F0ON8VFYLJxrbv03M2tuDB5uRqJfowKn3qCuRfrHyb6HDssLsV5FOwqWGCSPyYLXEvW7YACl6D%2FghVBVYuFIsx2XfyynS%2Ban%2FIbI00T"}],"group":"cf-nel","max_age":604800}
x-varnish: 612775751
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0c3de34e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 home.css
www.opovo.com.br/includes/assets/online/home/css/ 38 KB
7 KB 27ms
14ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f8832a07c6d150b1e679d807e16734655e3dd45483b601b99fe5fdca25d22b

Request headers

:path: /includes/assets/online/home/css/home.css
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75569
cf-polished: origSize=49736
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553ba100004e8bdeac5000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-c248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TU5jGryZFifhzLLTA%2Bjtua5kI3ONd2bPjam%2FSAAw8Q5sJOcS1P7jFqk2dMS4TRfJ2%2FMa0QDx2Oh8H%2BBWOJgwzepm5fqMkunx9cyM%2B3z86Bbri8dpvD2iDQN1whzv"}],"group":"cf-nel","max_age":604800}
x-varnish: 1019873261 1015515561
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0c3de44e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 5 KB
707 B 27ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT%20Serif:400,400italic,700,700italic

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 01:15:25 GMT
server: ESF
date: Sat, 01 May 2021 02:22:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 02:22:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
694 B 38ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500,600,700

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d74e57a16f307dccbaa3dd0bfcd61d6228c5683e9728266379672b2611f3ac6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 May 2021 02:16:08 GMT
server: ESF
date: Sat, 01 May 2021 02:22:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 May 2021 02:22:37 GMT

GET
H2 200 tm42111.js Show response
tag.navdmp.com/ 12 KB
4 KB 104ms
14ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm42111.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ca58bf23e819a415daa325aa0e3a6ad83bc86395468c9ca0c240ecacf2cbc6

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2138
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 09c7553bf000004a9178a1e000000001
last-modified: Thu, 10 Jan 2019 14:46:02 GMT
server: cloudflare
etag: W/"5c375aaa-2e25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 64858b0cbe0b4a91-FRA
expires: Sat, 01 May 2021 02:46:59 GMT

GET
H3-29 200 advertisement.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 43 B
785 B 22ms
12ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/advertisement.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c6f5ba88cad1d6fef6754b17eff1abfb532089184774d12678b8ce6dccb04f1

Request headers

:path: /includes/assets/online/geral/js/plugins/advertisement.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75569
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 09c7553ba100004e8be988a000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ba0iTZ8aMhHnIAa%2F%2FOi13vzn4YX%2BTcuFVEdbBtBKyPPoueaNBMCXFWS5QeDMuoZWFAaYyS4nR1qLXzc6n0QI0JrJsdYl96C4SXg38xLMAaxy9zOM%2BEnDkPYCcjFe"}],"group":"cf-nel","max_age":604800}
x-varnish: 1019708769 1018527960
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b0c3de84e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 ico-flamengo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 22ms
21ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-flamengo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e555478d721db554d486dc7c2ae2d3f4add3ab554cc81edb702d7f797da132d1

Request headers

:path: /_midias/reduced/menu/ico-flamengo.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83835
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1450
cf-request-id: 09c7553e1700004e8b1d347000000001
last-modified: Fri, 30 Apr 2021 02:59:15 GMT
server: cloudflare
etag: "608b7283-5aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4wVGlNPw6rIFhGZ%2B4Ym5skcXOpXLcOpvRHaiiFgAR6hG3S48B0pr9UteKV%2BRWVUVdHh12lLxG18mEHhgpXa1Od0Vmo3GFDpf%2F%2Bsqzkj4yQ4%2FMxFr939F8Gde1hQM"}],"group":"cf-nel","max_age":604800}
x-varnish: 69407536 67411348
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b102b0a4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-atletico.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 11ms
10ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-atletico.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eca44b7d480b8ea047f020f2f08763b3e4bbfab06fabf96f0e9f241a75f0a9

Request headers

:path: /_midias/reduced/menu/ico-atletico.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83835
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1380
cf-request-id: 09c7553e1800004e8bf2298000000001
last-modified: Fri, 30 Apr 2021 02:59:16 GMT
server: cloudflare
etag: "608b7284-564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bxQHnKGeLGiSBPpZzUXNePsfHux62PpB%2Fh%2BEgXRyb9HK72l7F09GXqfwYNsVj2To21C2HG8bHX4Lw3%2FLIfKXCkG7FcryOTncykXKxcOSP%2BzCtq4xum4SS%2FnsQNlQ"}],"group":"cf-nel","max_age":604800}
x-varnish: 69179335 68722577
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b102b0b4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-corinthians.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 11ms
10ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-corinthians.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6ff70d2b7dbbf999cd7817983d70b7a40bb33d63d3b663beb2e4386d4acbd1

Request headers

:path: /_midias/reduced/menu/ico-corinthians.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83836
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1463
cf-request-id: 09c7553e1a00004e8bffbcf000000001
last-modified: Fri, 30 Apr 2021 02:59:17 GMT
server: cloudflare
etag: "608b7285-5b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Tr%2B9drOW0%2BExOK1FjEr4EpmpgMWw3cpwZ7zUoeSgluKs3iYifXN1XsOVYrOLAdCgU6IOwL1WXLnjYQdmgz4%2B%2FKdxDRsuK8cJTqObY8an0mwuBj5T31K%2F1easg8p"}],"group":"cf-nel","max_age":604800}
x-varnish: 70484411 64108251
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b102b0e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-botafogo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 18ms
18ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-botafogo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c6350cc772c351bbeef48b5faddfb34239ea9942ffb9567e35a7dd64001303

Request headers

:path: /_midias/reduced/menu/ico-botafogo.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198118
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1434
cf-request-id: 09c7553e1d00004e8bd4a8d000000001
last-modified: Wed, 28 Apr 2021 19:18:53 GMT
server: cloudflare
etag: "6089b51d-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u6zlhJSAksq1gBvYGugXdO%2FH82fL2nQ%2FC%2Bm0ZE3oY5zSsS3CzeKX%2BexhJHJJf%2F1hbowqYr7wMu5RchAncrtdUkHyZjfAu8rD7gwW1vXOfyaxTbKAM6Cmn9zTC%2FeP"}],"group":"cf-nel","max_age":604800}
x-varnish: 937497135
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b102b114e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-cruzeiro.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 18ms
17ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-cruzeiro.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ab42fd2738b6f7e360ecbcf60ed7c532d75e944e85a009a3397f4d7a67c10f

Request headers

:path: /_midias/reduced/menu/ico-cruzeiro.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83835
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1611
cf-request-id: 09c7553e1c00004e8bd8be2000000001
last-modified: Fri, 30 Apr 2021 02:59:18 GMT
server: cloudflare
etag: "608b7286-64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n1pQ%2Fzil4SmPgNhlGYQg%2FHnYy%2FjtZLGq0SrNXVipKGiKghlz8%2FagHA5BiREGeRIOM629BbwkbMH7d5b9gu%2BxvMhezoNzEa9PixNeT2myKktgwVAvZfCY%2F9tCK6zi"}],"group":"cf-nel","max_age":604800}
x-varnish: 72089980 64108254
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b102b144e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-fluminense.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 17ms
17ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-fluminense.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3260ada7a202c54ba790f33e3252c611357eab584bec55f788a13a4e9d861e5b

Request headers

:path: /_midias/reduced/menu/ico-fluminense.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83836
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1441
cf-request-id: 09c7553e1e00004e8bac90e000000001
last-modified: Fri, 30 Apr 2021 02:59:18 GMT
server: cloudflare
etag: "608b7286-5a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lO3adDUL%2Funx4w8AR9Zkzk%2BPO3qh5%2FjLBJGx1er9QG3BRKY24pS%2BgRdzx643kq%2FThxakm2oXY9FYAiZVwykCXR%2Bn%2F7YQe4JmM29ZI45u%2Bzxvrse5A4OWA9kkb2hE"}],"group":"cf-nel","max_age":604800}
x-varnish: 71893369 64596152
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b102b154e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-gremio.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 17ms
16ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-gremio.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8938c6b87446f08d0a7f530f2ea3ac840374ca40d79166f6ecaadfa9b9db407b

Request headers

:path: /_midias/reduced/menu/ico-gremio.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83835
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1644
cf-request-id: 09c7553e1f00004e8be4a69000000001
last-modified: Fri, 30 Apr 2021 02:59:19 GMT
server: cloudflare
etag: "608b7287-66c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xWyq%2FHeJDHRqX%2FW2LwYc2OpVOcWkHkPeyVa8MF3vu3ITGfNGrHsPza9AKDaZ7VC1vUeavFBCGDgzJJfnxzG2ZWw0xlVCSThi9sjV1YK7TAKzLmTVi%2BU8WbUJNhuY"}],"group":"cf-nel","max_age":604800}
x-varnish: 69212363 64596158
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b103b1a4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-internacional.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 21ms
21ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-internacional.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03b44c6b400fac519d88ade3058e23c041edcff0494789275a4afb79f717e06

Request headers

:path: /_midias/reduced/menu/ico-internacional.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 281438
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1537
cf-request-id: 09c7553e2000004e8be18e8000000001
last-modified: Tue, 27 Apr 2021 20:08:18 GMT
server: cloudflare
etag: "60886f32-601"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Icv7A%2FG5H0ofQFuaDFD1NXFkSmeHDboFCAoYBqy2tJDEPHWX2cqkKp5Tl8KgPdSW7YUAzVBUPE2FsM0UDBZQ%2BxzmHzWOns%2BA0qI%2FkXcoJpWJdL0tyln1OYmJyhQv"}],"group":"cf-nel","max_age":604800}
x-varnish: 765529502 762715041
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b103b1c4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-palmeiras.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 15ms
15ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-palmeiras.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbe8a6f452d3d2a87f60e32668acdaab4e62e50b2ee0b8050d3b3828775f61f

Request headers

:path: /_midias/reduced/menu/ico-palmeiras.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83835
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1495
cf-request-id: 09c7553e2200004e8bdeae8000000001
last-modified: Fri, 30 Apr 2021 02:59:20 GMT
server: cloudflare
etag: "608b7288-5d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=azKiTvAEV8LnfUOEQVQtnEs%2BbciUloRxz8NIAm%2ByKCoD%2BAdnIcwpwtwNLKUNTuiediaj67ELIdIYALEU91bJoVX1Ua%2FGC0z74xfQtsaIul4BoAYV9fEmkJVjiLs2"}],"group":"cf-nel","max_age":604800}
x-varnish: 71893375 69114788
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b103b254e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-santos.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 27ms
19ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-santos.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3ed2e08a43cbdaa2c32f0dca58bf95277a89e2b857399ad11d4e0fb656673b

Request headers

:path: /_midias/reduced/menu/ico-santos.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83835
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1525
cf-request-id: 09c7553e2b00004e8bc201e000000001
last-modified: Fri, 30 Apr 2021 02:59:21 GMT
server: cloudflare
etag: "608b7289-5f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iotugQVFpzdi1myAxqX5tbZBkZAQFzxkUslUWjHUl09wOyI%2Fjcop6CW5HgPVTF%2FsSxM0dAZTK5u2x7nsdJWhIp3K%2FelVD7HyInGTyKvNeG%2FKMzRkDksz%2Furq2EYm"}],"group":"cf-nel","max_age":604800}
x-varnish: 69212359 69306540
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b104b334e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-saopaulo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 158ms
56ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-saopaulo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b008731a86ba82dd977825f31b0ba566fd3c693897d3928690cc2582a6f9063b

Request headers

:path: /_midias/reduced/menu/ico-saopaulo.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83836
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1452
cf-request-id: 09c7553ea200004e8b01a4b000000001
last-modified: Fri, 30 Apr 2021 02:59:21 GMT
server: cloudflare
etag: "608b7289-5ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FPjSH4ccf%2BvecZxOp4%2Fy1BQAStUqY2empljwL4EGMgMKvF8v8ltfQMrccHvDUMehwfJ0vsvBNDD%2BIsK%2BMX4hSLPWtCJRmy79SSB%2BSegnmZa976h5zN5Wz8NUFNNd"}],"group":"cf-nel","max_age":604800}
x-varnish: 70484413 68722583
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b110c0e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-vasco.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 151ms
54ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-vasco.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba7fd787c02199e104993472f1cb118b9c77d4db60f3b85149d941d496dc2f8

Request headers

:path: /_midias/reduced/menu/ico-vasco.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83836
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1400
cf-request-id: 09c7553ea200004e8b148ed000000001
last-modified: Fri, 30 Apr 2021 02:59:22 GMT
server: cloudflare
etag: "608b728a-578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=06Wr71RxDxZkHk7AhQoUC%2BZU%2FD0bJaUAavfd6kyQU%2BB3w4E7cZsxkKMSJHOy0TSqdmQOG1v2qfcFL2xOCLyuimkvOfpdauzfCYBQKAubmpQ75mXd770IznGwkff%2F"}],"group":"cf-nel","max_age":604800}
x-varnish: 71893371 64596161
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b110c0f4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_exame_covid_ceara-14277146.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 152ms
55ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_exame_covid_ceara-14277146.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcbba1eedff5c9424c8a6457689602c7bb9b53a616b76c6f25fe7f877f225e1e

Request headers

:path: /_midias/reduced/home/1_exame_covid_ceara-14277146.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 129
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5134
cf-request-id: 09c7553ea300004e8bc2023000000001
last-modified: Sat, 01 May 2021 02:14:24 GMT
server: cloudflare
etag: "608cb980-140e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3E2oKVmI8qa9YJSBIpv0hlP%2FeTqVfHE7rqEFFVS5CneztLM%2FYubV4hv9GDlksSGG1B%2BUufBZoX6x2MrkLyD7gOOZv0QrLaYA1h26CndpCmpgYmWchuH5IUsS%2Buvh"}],"group":"cf-nel","max_age":604800}
x-varnish: 231769574 231768925
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b110c104e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_bc8i2256-15603720.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
9 KB 150ms
55ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_bc8i2256-15603720.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae912f9e546b734b322ebea9f81127f635b99f381c9a15c0430ff8274c5faf5a

Request headers

:path: /_midias/reduced/home/1_bc8i2256-15603720.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 131
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8248
cf-request-id: 09c7553ea300004e8bd8be9000000001
last-modified: Sat, 01 May 2021 02:14:24 GMT
server: cloudflare
etag: "608cb980-2038"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=22iN2JPVh6v031f787CuG6Er0g6UCUUIiVDZd13aU%2Bf%2FCKyMntpAOteIfSECbSAMzAoA%2FLD63ADmDm3u4jQ3GBAVmh4Nx5TBE%2FN3uwMH3j40%2FYOZOlIloGbkCiFJ"}],"group":"cf-nel","max_age":604800}
x-varnish: 233046229 232162463
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b110c114e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_jocelioleal-12638191.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 167ms
25ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_jocelioleal-12638191.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da003110565090cd4f205639da01e39843f1a00623f7bd8777709cb384c217eb

Request headers

:path: /_midias/reduced/home/1_jocelioleal-12638191.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4403
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2295
cf-request-id: 09c7553ed300004e8bffbd8000000001
last-modified: Sat, 01 May 2021 01:05:02 GMT
server: cloudflare
etag: "608ca93e-8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V5srxURz34VLnt97xoYmlU%2FOn39fQXN3A03Hh%2BilisBxyK2HJwfF0Lcz3vCdirTPH7McZihQVGSVlRKHI5w%2FYJZMmw4kLGgM1P73NttyEd5v5hp3GUzg3b8lREh%2B"}],"group":"cf-nel","max_age":604800}
x-varnish: 222036408 219058295
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c6d4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_regina_ribeiro-12688459.jpg
www.opovo.com.br/_midias/reduced/home/ 1000 B
2 KB 167ms
25ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_regina_ribeiro-12688459.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f1bce8aa82599a816a5acd2ee3885209fdf761e313af46f895cbc724d8ce52

Request headers

:path: /_midias/reduced/home/1_regina_ribeiro-12688459.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 129
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1000
cf-request-id: 09c7553ed400004e8b0dbaa000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-3e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FhVFX2Y6c4a9n1NwnreGQQFILKMWBx80z2ZpU2%2FQH4PrgrdTUxvCoXoOZtlJRSETjKBt4P48lwH6i%2F0RcQ6huuHJu%2FHRuFbkvhdkeK09HPWjQH5TZfC78ig1qNYI"}],"group":"cf-nel","max_age":604800}
x-varnish: 231473515 230852999
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c6e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_pliniobortolotti-12638758.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 173ms
32ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_pliniobortolotti-12638758.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c97bbefa216e0bc391d8c386a457a9b8a52d3b53d1d01ed1ef832d0fd783fdf

Request headers

:path: /_midias/reduced/home/1_pliniobortolotti-12638758.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 129
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2003
cf-request-id: 09c7553ed400004e8bac917000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-7d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VA%2BbFq%2F2I7htH9fRfp0SXWhNpRqxvxadlJRfIUA10NJ2tUHkpQMuQIikbGBZmqKbm4XGY722LaEXhELqPpElpO3hdUZkxQNKUTsm9wmdENwOgKehGPrtM7bYYPKB"}],"group":"cf-nel","max_age":604800}
x-varnish: 230853829 230558589
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c6f4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_graziani-14819120.jpg
www.opovo.com.br/_midias/reduced/home/ 904 B
2 KB 169ms
33ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_graziani-14819120.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1716dc321cf1b6c26b7f76578898c3861ba39fe99dc512f3c26d64c7a84bb69

Request headers

:path: /_midias/reduced/home/1_graziani-14819120.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3175
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 904
cf-request-id: 09c7553ed400004e8b1d351000000001
last-modified: Sat, 01 May 2021 01:28:19 GMT
server: cloudflare
etag: "608caeb3-388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pGNdYJgky911ab6quyBZt%2FrclUsuUaZSXmeo3lTB6bZflm8UUiZXPp24B2mqCA7PqAO0MfGiNYicTpPhjSVR9a7KrUdAr3iifU6GHSLBRzTuAyRcgCCD3qY2EE42"}],"group":"cf-nel","max_age":604800}
x-varnish: 223515894 221973582
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c704e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_clovisholanda_2021-15447451.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 197ms
61ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_clovisholanda_2021-15447451.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1e776b76de2f3c5d26073ae5f6bf1b9d1a32a7e94c1df92fef491d7e6f6df59

Request headers

:path: /_midias/reduced/home/1_clovisholanda_2021-15447451.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 128
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2210
cf-request-id: 09c7553ed400004e8bdb334000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-8a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=625Yh6paHATMnBsYL%2BYpQ2OiUkuxI0kukanDGeJkiqQe3UuTdhiOnxu1YiFfMFbXElYh9pL3Iai2m%2BauPY7bTxod2EU7K9TUzerVgMJTt4owe%2B8elFf%2BENIhVRnb"}],"group":"cf-nel","max_age":604800}
x-varnish: 233603768 230558586
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c714e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_op__zenilce_bruno-15180068.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 178ms
42ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_op__zenilce_bruno-15180068.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dade69e79b2a778195412944100f6fc1cf02d9880b00ce4848c66de0408548b

Request headers

:path: /_midias/reduced/home/1_op__zenilce_bruno-15180068.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 128
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2137
cf-request-id: 09c7553ed400004e8bb0b01000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-859"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ACPwSUaC3JHlKgcV5IZhwKkz%2BAbQlF%2B1ftYld7E3Fwn5MRRzl5ozxQOl9I4fMML%2BU3uJZdKcfYbME7i6o2%2BbEXUBFGZOCvqpe%2BGGfj91m4FtFumzbi8dRZVy04Px"}],"group":"cf-nel","max_age":604800}
x-varnish: 231473537 233373913
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c724e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 logo-compre-dopequeno.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 9 KB
10 KB 197ms
62ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/logo-compre-dopequeno.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2121d2e43da18179a9a66cd77212546662297925068bf7004095d1c3ca7d659

Request headers

:path: /includes/assets/online/geral/imgs/logo-compre-dopequeno.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9054
cf-request-id: 09c7553ed400004e8bcd32f000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: "607754f1-235e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pjXyVr4FnXgyFYfRluS4NLU6rSkWEB%2FUbmrwsEqhVLYlrGh5%2BT9Vxlff282PJnsOW3lMuwdtm7S4W3FdPR%2FGXtXD1j96kk6ASL1%2B3BHhKFzzg0%2Fx4upS2ziexbSm"}],"group":"cf-nel","max_age":604800}
x-varnish: 1021051711 1019839030
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c734e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_thais_mesquita_centro_17_04_8_1-15489657.jpg
www.opovo.com.br/_midias/reduced/home/ 16 KB
17 KB 178ms
43ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_thais_mesquita_centro_17_04_8_1-15489657.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981c077fa1e3bd21045f0a7087e0847a9d3af7d5aff9101aad7a20b6b4150adf

Request headers

:path: /_midias/reduced/home/1_thais_mesquita_centro_17_04_8_1-15489657.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 9191
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16340
cf-request-id: 09c7553ed500004e8bb9920000000001
last-modified: Fri, 30 Apr 2021 23:32:35 GMT
server: cloudflare
etag: "608c9393-3fd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=enROvjj1yc45lXEmjVD1B5UyrGJ06CYz%2Fhyx8yCTzgBwQgg3ETyp9sSGCHgrRCC5iTh9umr6PRVrUud37GQrGGwoLNit6p%2FqUnNSSjK4VIpKczvxAI4hs1l3eJ4q"}],"group":"cf-nel","max_age":604800}
x-varnish: 213484763 211223874
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c744e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_whatsapp_image_2021_04_30_at_10_55_16-15622191.jpeg
www.opovo.com.br/_midias/reduced/home/ 3 KB
4 KB 189ms
53ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_whatsapp_image_2021_04_30_at_10_55_16-15622191.jpeg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 506e66300b9f080eabbe30de08477930bb4c7327da5f6b26b02dfaf167b6451c

Request headers

:path: /_midias/reduced/home/1_whatsapp_image_2021_04_30_at_10_55_16-15622191.jpeg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 127
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3456
cf-request-id: 09c7553ed500004e8b1aaea000000001
last-modified: Sat, 01 May 2021 02:14:22 GMT
server: cloudflare
etag: "608cb97e-d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KYfu5e34CQ2jVOInZ4O8gURHCD9hWexpn0OlcqmzfCyf2ii%2BvgVxfmw9vZF9YKIHWtjzeEnSb18hWnwfgjHykEFyUlqXAIT%2FtVDrKT2AccHVd5y7MwqYPVsaB63C"}],"group":"cf-nel","max_age":604800}
x-varnish: 232753022 233373919
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c764e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_faustao_fala_saida_globo_2021_divulgacao-15624035.png
www.opovo.com.br/_midias/reduced/home/ 11 KB
12 KB 195ms
60ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_faustao_fala_saida_globo_2021_divulgacao-15624035.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 253f1f0c1d70dc321e68bdbdb2a8b23cc01a84e6fe39de1129037a76ed576113

Request headers

:path: /_midias/reduced/home/1_faustao_fala_saida_globo_2021_divulgacao-15624035.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 127
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11632
cf-request-id: 09c7553ed500004e8bc4acf000000001
last-modified: Sat, 01 May 2021 02:14:22 GMT
server: cloudflare
etag: "608cb97e-2d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vo6JdPz%2BKdx5zssZV74ySLUlCSN6CH3p4M7RZRojCTuqg7h4nrq10oLojvOKeA9k%2FE5ETJL%2BqO7bjjSnzATxjHt476o8OUOVEYKYi9lYs5ldB45tWuXZDVjtvtrk"}],"group":"cf-nel","max_age":604800}
x-varnish: 232753024 233373916
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c774e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_napoleao_coroacao_notre_dame_pintura_jacques_louis_david_1806-15628147.jpg
www.opovo.com.br/_midias/reduced/home/ 28 KB
29 KB 215ms
80ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_napoleao_coroacao_notre_dame_pintura_jacques_louis_david_1806-15628147.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2109387be706d5e1a60a467a0af84c418fb7e5ff3e8d1bc47aaf42975ca7507

Request headers

:path: /_midias/reduced/home/1_napoleao_coroacao_notre_dame_pintura_jacques_louis_david_1806-15628147.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7699
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28558
cf-request-id: 09c7553ed500004e8bcfa77000000001
last-modified: Sat, 01 May 2021 00:06:21 GMT
server: cloudflare
etag: "608c9b7d-6f8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BHjaI14LCIj%2FcjcgE4DauLJQHQ%2BppZdCR6kzQd7mlR%2F7af0qCWA48IVrkt2Lo%2FHKpazgsPe0DZB%2Frybd3vHNi4qBSbTjCCl5PGcAFikb5KX%2FjZNfrOnfZyTA1Cpr"}],"group":"cf-nel","max_age":604800}
x-varnish: 214664493 215319190
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c794e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_whatsapp_image_2021_04_30_at_11_46_26__1_-15622871.jpeg
www.opovo.com.br/_midias/reduced/home/ 14 KB
15 KB 253ms
118ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_whatsapp_image_2021_04_30_at_11_46_26__1_-15622871.jpeg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c496f2bc7c2632cd59364758ace61153379b955f9fbffc7708c00c954dfb0b15

Request headers

:path: /_midias/reduced/home/1_whatsapp_image_2021_04_30_at_11_46_26__1_-15622871.jpeg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 126
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14210
cf-request-id: 09c7553ed500004e8bd4a98000000001
last-modified: Sat, 01 May 2021 02:14:22 GMT
server: cloudflare
etag: "608cb97e-3782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZHPOc7TGSn6GQQgX8jQyunrkHGSKdS5BmoS4vD%2FkGPVwa8QSuSasllLmmwQ8ftGUp7M3cdcy2Q%2FeJ8AHtzmsya9mIGB5YnFD6gJ0D619POUJV%2F5ki%2FYmmkWlDi4h"}],"group":"cf-nel","max_age":604800}
x-varnish: 230853865 230558594
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c7a4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_clubeopmais-14477185.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 253ms
119ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_clubeopmais-14477185.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe9772d95cbe28e814b4e2106f9d42eb1e711d209707c73d36fe754465b7387

Request headers

:path: /_midias/reduced/home/1_clubeopmais-14477185.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 126
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7168
cf-request-id: 09c7553ed500004e8b0822b000000001
last-modified: Sat, 01 May 2021 02:14:20 GMT
server: cloudflare
etag: "608cb97c-1c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5GlsNRdw3E15g98XbZnzVwZFgIuSrIQukDL%2Bi%2BhHifccAi8VvJLjPQ56dxJvc%2BUIgJf4HZcU2FXF2YtPFdOtG1wxzlqKZCg4NZWLxHIKjB8uGWvTyfJibUr%2BAZ1E"}],"group":"cf-nel","max_age":604800}
x-varnish: 232359011 233373922
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c7c4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_capa___mudancas_de_clima-15533225.jpg
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 253ms
119ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_capa___mudancas_de_clima-15533225.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df73b88229efee147afd8afd6cfb635b22a5b296713d4f2e8602be78aeeefd4a

Request headers

:path: /_midias/reduced/home/1_capa___mudancas_de_clima-15533225.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 126
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2052
cf-request-id: 09c7553ed600004e8ba582e000000001
last-modified: Sat, 01 May 2021 02:14:20 GMT
server: cloudflare
etag: "608cb97c-804"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K0BiCwbYW9mdOG%2F8PY%2FFCqso6ItA4iB8LQRErVLXq1IcMs7ysQp1%2FMPJk60zHq6sDklzC2%2FZRDbkqFEKCKBAJNQo9nBhmhCEVHFl6SCud6D7z1h%2BNxl28fso%2BR%2Fa"}],"group":"cf-nel","max_age":604800}
x-varnish: 231769595 230558597
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c7d4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_charge_capa_opmais-15532974.jpg
www.opovo.com.br/_midias/reduced/home/ 1 KB
2 KB 258ms
124ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_charge_capa_opmais-15532974.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ed1ec2ced5d9d4342f5db0ee37f37557f6772de952e3182879cb61ae89f9986

Request headers

:path: /_midias/reduced/home/1_charge_capa_opmais-15532974.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 126
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1400
cf-request-id: 09c7553ed600004e8be4a72000000001
last-modified: Sat, 01 May 2021 02:14:20 GMT
server: cloudflare
etag: "608cb97c-578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TmxxIrbbpF9sRe7tDSJhkNkqaN5t2VejF3uPoIqoOTVMJmVLQ6zR7ktStkS8Yaud%2FMvTCDxR8ODQi5FcSDWIomoShK9Sjmds8Yul5%2F5rovHQhavfhjsvlBOYp04h"}],"group":"cf-nel","max_age":604800}
x-varnish: 230853882 230852993
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c7e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_capa_01_01-15588151.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
3 KB 195ms
61ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_capa_01_01-15588151.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c68dc10b5c3627a75af30a5208dabf36afb0d78a6b9a61b59fe10f502d55f94

Request headers

:path: /_midias/reduced/home/1_capa_01_01-15588151.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 125
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2832
cf-request-id: 09c7553ed600004e8bba9db000000001
last-modified: Sat, 01 May 2021 02:14:20 GMT
server: cloudflare
etag: "608cb97c-b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ol1QAp8e0MbtWaBRcKe%2FBa0CzRFkgzcLTgc9C7smTL1HtbMi%2BfXjO5pF%2BadvgoIThSvhW3kGrjt44BHRyg96eQb4INPXZIKGSEUTIbikAZRfcfC0HLLosplqUkET"}],"group":"cf-nel","max_age":604800}
x-varnish: 233374874 233373925
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c7f4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_walter_benjamin__e_asja_lacis___capa-13659194.png
www.opovo.com.br/_midias/reduced/home/ 15 KB
15 KB 276ms
142ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_walter_benjamin__e_asja_lacis___capa-13659194.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017ee2612ecc9b8246c951158c0982c263679899b0bb803a101d06e5be06151d

Request headers

:path: /_midias/reduced/home/1_walter_benjamin__e_asja_lacis___capa-13659194.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 125
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15156
cf-request-id: 09c7553ed600004e8bf33c9000000001
last-modified: Sat, 01 May 2021 02:14:20 GMT
server: cloudflare
etag: "608cb97c-3b34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9nX20X%2F9bY2qC%2FRLHBWKZWq0TJb%2BDBZm7kQh2MRp%2Br6jV1jSaP12HGqxhYaADnz%2FgcsvpkKcqHf7zoaMHy9P%2FfyXutRtl4anF6JC8%2BogsikVIPAzIvbTRJlQaRr4"}],"group":"cf-nel","max_age":604800}
x-varnish: 233603795 230558600
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c804e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 capa-jornal.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 47 KB
47 KB 275ms
142ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/capa-jornal.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14108e25edfa81b17888975728e2d284650900547552a3b445b3d216976a327

Request headers

:path: /includes/assets/online/geral/imgs/capa-jornal.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47816
cf-request-id: 09c7553ed600004e8bb5b4f000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: "607754f1-bac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HY9rxgh%2FQEDVfae%2BJQzp9hSuB%2BOVNTdIPFhVPpU0L61BmfMcQlm6a9JBMwwS27a2TxquSytdOpzgEfHMlnWl8KNzv6J9SjNXuMrgKLjygIKXxZmZ3BIK3ecKOwh3"}],"group":"cf-nel","max_age":604800}
x-varnish: 1011256401 1009977434
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c834e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_captura_de_tela_2021_04_29_a__s_17_50_00-15617154.png
www.opovo.com.br/_midias/reduced/home/ 12 KB
13 KB 209ms
75ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_captura_de_tela_2021_04_29_a__s_17_50_00-15617154.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75a413792a564fbd4e4e757739891d028132351c4b60e5626c56e5e0cb2b4f1

Request headers

:path: /_midias/reduced/home/1_captura_de_tela_2021_04_29_a__s_17_50_00-15617154.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 124
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12795
cf-request-id: 09c7553ed700004e8bcc2dc000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Er%2FHzs%2FdrapSsTkGaKzArKu3fXazgnRAizPDKb%2FzYcw1TNip7ai44%2Baz%2FmQ7v77svzcOJaQtPix8jAdn5fjUTkm0JOei1G9Jv7Mepc8%2F6EfLahlGOoIySkCVU9T"}],"group":"cf-nel","max_age":604800}
x-varnish: 232359047 233373928
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c854e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_vacinacao_parque_da_cidade_mcamgo_abr_180220211818_16-15548537.jpg
www.opovo.com.br/_midias/reduced/home/ 6 KB
7 KB 252ms
119ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_vacinacao_parque_da_cidade_mcamgo_abr_180220211818_16-15548537.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6431a993d0885822b9d745157eda00ef2795b5f7fd299e95ee7313391007638a

Request headers

:path: /_midias/reduced/home/1_vacinacao_parque_da_cidade_mcamgo_abr_180220211818_16-15548537.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6431
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6102
cf-request-id: 09c7553ed700004e8bb3812000000001
last-modified: Sat, 01 May 2021 00:23:08 GMT
server: cloudflare
etag: "608c9f6c-17d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mk%2B5VFZxCRdf728s9dQahMouBqGvNnuSenKP8945XFzb3FdB8DXwakKlg%2Fei85samfyP6fRCMspfiKNOHpKoQlstt3%2FBfr9WjOYsyZPBOhp0VqXJyzAwX62vRoUX"}],"group":"cf-nel","max_age":604800}
x-varnish: 215518470 216629281
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c864e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 button-opovo-cbn.png
www.opovo.com.br/images/imgs/portal/ 5 KB
6 KB 276ms
143ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/images/imgs/portal/button-opovo-cbn.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b3fdf7132afb85d663fd4bc49a66d6b864a8f6dbfe8e861908b6395207979e

Request headers

:path: /images/imgs/portal/button-opovo-cbn.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5301
cf-request-id: 09c7553ed700004e8bc98b7000000001
x-fivecom-rewrite-redirect: 1
last-modified: Fri, 31 Aug 2018 19:29:57 GMT
server: cloudflare
etag: "5b899735-14b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WNvrlYRpAOEOfayXMvUih1IJd%2FOYY4bK57iQw4fnxCFLmkqRnadM%2BGf044fqr1LqPEjZ98RejlRgA47hIpMCtmjekAfE2NqmDFhJ7g9Rp2suGy0l2PtKoqd6kl7h"}],"group":"cf-nel","max_age":604800}
x-varnish: 1019708810 1013745463
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c884e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1__mg_6708-15158835.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
3 KB 287ms
155ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1__mg_6708-15158835.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdcaa2d38761377a1decd505ea1baae665e6c61f77109405b75e007aec150e87

Request headers

:path: /_midias/reduced/home/1__mg_6708-15158835.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 20
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2788
cf-request-id: 09c7553ed700004e8b04a77000000001
last-modified: Sat, 01 May 2021 02:16:33 GMT
server: cloudflare
etag: "608cba01-ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TJcsoNBRvcEAhX2g%2BqbhKO9cDLM1iOakdRzFspMheHxHUZAihtQ8XAezTfzowuIq9Ke0iFzaCjfvpEGuI6BhTlZErQnZBZXYcOfFQoG4v6VLkeIdyGx9Kiu%2BFWcl"}],"group":"cf-nel","max_age":604800}
x-varnish: 232753206 228038428
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c8a4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_richard_e_matheus_teixeira-15623490.jpg
www.opovo.com.br/_midias/reduced/home/ 13 KB
14 KB 208ms
76ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_richard_e_matheus_teixeira-15623490.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90ecb403f0b6aab877e0adadfa636d9c8da705b989bbc7fd139a772a505c2f7a

Request headers

:path: /_midias/reduced/home/1_richard_e_matheus_teixeira-15623490.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 20
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13742
cf-request-id: 09c7553ed700004e8bbe896000000001
last-modified: Sat, 01 May 2021 02:16:33 GMT
server: cloudflare
etag: "608cba01-35ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iLfh70u1kbrudsmsOR0civm8u0iq3T00vuri8a2%2BOTkPXDkx8xewJX2LNpcuLF6EUBjc4z%2By%2F5T%2BnmHroIWIkuO6UbqiqmNi2kKOfdeYw3YCPAaDOcPOD8RKTEzb"}],"group":"cf-nel","max_age":604800}
x-varnish: 232753204 230132863
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c8c4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
37 KB 185ms
53ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45299f368e6389142d9524d0848c3b9077e7b8f0547db564bba9658d55972698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37674
x-xss-protection: 0
last-modified: Sat, 01 May 2021 00:18:43 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 May 2021 02:22:38 GMT

GET
H3-29 200 1_solange_almeida_cantora_show_apresentacao_ao_vivo_transmissao_live-15619853.jpg
www.opovo.com.br/_midias/reduced/home/ 6 KB
6 KB 287ms
155ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_solange_almeida_cantora_show_apresentacao_ao_vivo_transmissao_live-15619853.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02351b56ec88ccac51670628017be0fa6e33f08521735b4ec5dda988183cc967

Request headers

:path: /_midias/reduced/home/1_solange_almeida_cantora_show_apresentacao_ao_vivo_transmissao_live-15619853.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 123
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5800
cf-request-id: 09c7553ed800004e8bfd32e000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-16a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BV3lO0edWYdpUbkgcMToCEGBGZM%2FBWp2HJoSFe8Y43f%2FtmfDj%2FkHqG7eOBAVdpupFlYvIldhXnvx%2BmfPPzdd6iWurI0zrGVaSW8n9v1W3vidshoYJj7vMRsjNobv"}],"group":"cf-nel","max_age":604800}
x-varnish: 232492497 230558603
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c8e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_120554710_1142389882829520_3917692257414403882_n-15584543.jpg
www.opovo.com.br/_midias/reduced/home/ 14 KB
15 KB 287ms
155ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_120554710_1142389882829520_3917692257414403882_n-15584543.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef82d21f259fcab1c14752fd5b4890ba9ec3ff99dfd9a26cbbfd21d92f3720b0

Request headers

:path: /_midias/reduced/home/1_120554710_1142389882829520_3917692257414403882_n-15584543.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 121
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14698
cf-request-id: 09c7553ed800004e8bf1962000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-396a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JwORvQbzSavHI8WkZIXE69qCGLrXLO2LiVIi3HMfn3XZXFJl6MvzyxCzKywMS7bEvAA3HzWaBaAiUOrV1o%2FDjydMOSrJuItYO7TJ12YXXjktkfyNKFF89lk2X3Ip"}],"group":"cf-nel","max_age":604800}
x-varnish: 234029326 233373931
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c904e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_anitta_girl_from_rio_1-15617996.jpg
www.opovo.com.br/_midias/reduced/home/ 10 KB
11 KB 253ms
122ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_anitta_girl_from_rio_1-15617996.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22324e2d97060bb46edc8f9dfe4d115755c59e7272c4cde9aa0e0455cc194392

Request headers

:path: /_midias/reduced/home/1_anitta_girl_from_rio_1-15617996.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 121
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10304
cf-request-id: 09c7553ed800004e8bc53fe000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-2840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cuPZ3Bp%2BfFnMVQj8KSI8Tis2tVgau21RANZ07Lu4c3Abk8R1nYVdMTKNtyIK92Vq4TEMAOxPvslF%2Fp5yG7BbTFNVCg3Cie13xmH56PP6m0bKmvaqRSJEqyf1Mvkd"}],"group":"cf-nel","max_age":604800}
x-varnish: 233603898 230558606
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c914e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_whatsapp_image_2021_04_30_at_14_36_09-15624497.jpeg
www.opovo.com.br/_midias/reduced/home/ 12 KB
13 KB 206ms
75ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_whatsapp_image_2021_04_30_at_14_36_09-15624497.jpeg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e0eddb17a8074caa3d6e6a84c220130e9d0827bcc024ec5cc7a54b820c83c2

Request headers

:path: /_midias/reduced/home/1_whatsapp_image_2021_04_30_at_14_36_09-15624497.jpeg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3175
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12178
cf-request-id: 09c7553edb00004e8bb3154000000001
last-modified: Sat, 01 May 2021 01:28:19 GMT
server: cloudflare
etag: "608caeb3-2f92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8t5AdEphr66%2BUnRJtY5fQDx1b6Ns4ZxFRhVbk7NBztwfydLYwaKg1%2BcZJ6qG2MF%2FSXieS7UGlubtMihfgWatCIvrxdJwPwz05aSNCKZDdzyjaOSVkfOxUE5A%2BNWZ"}],"group":"cf-nel","max_age":604800}
x-varnish: 223711515 224363304
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c924e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_imagem_2021_04_28_201852-15608211.png
www.opovo.com.br/_midias/reduced/home/ 8 KB
9 KB 237ms
123ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_imagem_2021_04_28_201852-15608211.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea8150cacd7d55a155afb7d49e6389adff767a73bf099e67e95e6c516871150

Request headers

:path: /_midias/reduced/home/1_imagem_2021_04_28_201852-15608211.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 121
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8478
cf-request-id: 09c7553ed800004e8bf22a1000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-211e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gxRoADgPHG6mq4CcPz6WsRnY3GCEY%2FWZHng8vhFzx1YGDZ3X%2BzgqpUsIhDAllA2A6EfYt9wPmZHqjbJqaQCtDvIe8mwpn6onPO5ZguC5pJWqwgDWIqYvRVx7vDS%2B"}],"group":"cf-nel","max_age":604800}
x-varnish: 232492533 230558609
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c934e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_forcaos_2021_detectordemetal-14778700.jpg
www.opovo.com.br/_midias/reduced/home/ 11 KB
12 KB 247ms
139ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_forcaos_2021_detectordemetal-14778700.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6611f7c007adba860a0f02c9836b9bf051b95f6f952aaa8e15e8e6988c11428a

Request headers

:path: /_midias/reduced/home/1_forcaos_2021_detectordemetal-14778700.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 120
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11130
cf-request-id: 09c7553ed900004e8bf5b2c000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-2b7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PlC4Gklr37TCoG6mJfhe7gT9kqtdmLndU%2FP8%2Bge1SXhg4XAzQDTnoMdHkmXNLkL3SexbcIXUaJ3WeehHoXiefr1F0fQP1g5KfUEFCLD51%2BRpkqJ2m3Yvnqs%2BrDo%2B"}],"group":"cf-nel","max_age":604800}
x-varnish: 229413079 230558621
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c954e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_reprodrucao_google_blog_do_farias_junior-14778733.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 262ms
155ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_reprodrucao_google_blog_do_farias_junior-14778733.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594daf03c1101103eddb292d1d583d676128ce34437974d935d36cd13105b2be

Request headers

:path: /_midias/reduced/home/1_reprodrucao_google_blog_do_farias_junior-14778733.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 120
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7582
cf-request-id: 09c7553ed900004e8ba6034000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-1d9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4vsNvlZh9Jw2KuWGnqZIuzJvNW%2Bw0N%2B%2FLXq4u81GnCA9ODHTXscvzbREFBBXNH2rbRLY%2Bqt77Xe6s5Tyq4Vc26P2pgI7ebtLMcJSdk5gs0TCPy%2Bgrb%2BS07Elm0bS"}],"group":"cf-nel","max_age":604800}
x-varnish: 229413084 233373940
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c964e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_macross_1_1_740x416-14778766.jpg
www.opovo.com.br/_midias/reduced/home/ 14 KB
15 KB 282ms
175ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_macross_1_1_740x416-14778766.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd3ebc4f4b8632daa70fcabfc113a813769ba38e0dce48763b9c6fed713c4b8

Request headers

:path: /_midias/reduced/home/1_macross_1_1_740x416-14778766.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 119
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14450
cf-request-id: 09c7553ed900004e8b01a4e000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-3872"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2FzFzgzSdioGU167k2kMu6W6mmgTmz2s%2FfrEkoPpUn%2FjMVtd5WNEmYAVWTIwYC24hwTC3V8jt7Z266qHLGJ%2BBlmFt3xzf9FAK0g0gpbrfTVmhjl9ljdtok4xXBSk"}],"group":"cf-nel","max_age":604800}
x-varnish: 230853917 233373937
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c974e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_thumb_covid-13471235.jpg
www.opovo.com.br/_midias/reduced/home/ 12 KB
13 KB 282ms
176ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_thumb_covid-13471235.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56fa03af190ddd1ae7399eaf140a542faec293fb51b9158e68a7306200148598

Request headers

:path: /_midias/reduced/home/1_thumb_covid-13471235.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 119
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12678
cf-request-id: 09c7553ed900004e8bffbd9000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-3186"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4g%2Bk9pPCGp9Hef85EUATUnvvZFbqT9bAsyXjelpe0rRy7kw05ASbnMwyLrm2vxCg%2FbQRDfsChXM3MNLxZ7ux96cBPjz6TLUY4M%2BkmXlO4bBgrrzMbq%2F2kQ0TsuId"}],"group":"cf-nel","max_age":604800}
x-varnish: 230853925 233373934
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c984e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_thumb_messi-13471317.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 282ms
176ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_thumb_messi-13471317.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0632c96b83e70afbacee4a70ff9670587dcaf08d59af6a9d93312bbf77637a75

Request headers

:path: /_midias/reduced/home/1_thumb_messi-13471317.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 119
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5260
cf-request-id: 09c7553eda00004e8b0dbab000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-148c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jsazUPrxLfdEzv%2BuVBhygxwlcP3uQttN7MhGopDRWA5LvwKkSMovMhcK5sn4kR5Q1sO%2FamgkfovXW%2F7hqCSkt11lnsE9MFVIdCE4Co167GUSwxbaLDQdyede%2BTjz"}],"group":"cf-nel","max_age":604800}
x-varnish: 233997518 232491161
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c9a4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_thumb_agir-12935144.jpg
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 289ms
183ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_thumb_agir-12935144.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec172b03220fd92a2c023bd96f5cc3e8b24e022496a91d01ca95ea5f8bdc3f9

Request headers

:path: /_midias/reduced/home/1_thumb_agir-12935144.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 119
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2172
cf-request-id: 09c7553eda00004e8b148f1000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-87c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ipONvqnBr7SLYgcu9CjxE2yyZoFj7l%2FT978KRDKby24HQKtBYNN05Hvd2vJHvffHOXFL6RN6oDudI%2FSqNhjkUzRkV1PhVgOV4jU2ds%2BGAKEMqN3KjG5OEENi7Td4"}],"group":"cf-nel","max_age":604800}
x-varnish: 233997539 233373946
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c9d4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_thumb_bolsonaro-13379238.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 289ms
184ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_thumb_bolsonaro-13379238.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7f9d45bc863311414e1e9d616079ac1516a9043d4148d75ddf2483ab99b53d

Request headers

:path: /_midias/reduced/home/1_thumb_bolsonaro-13379238.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 118
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5236
cf-request-id: 09c7553eda00004e8bcd330000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-1474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6iKs2GPYnruCeVMooUt2R5sUgnupeUBvWYJzp7J6p0WxMfCJtWGdPjhU4%2F8ktzQD2kmmo9XWvkEsCAlfyHshXH4JIjkXJ6aoqs0SHIr6sfx8vISUC%2BVwAXcmXQyP"}],"group":"cf-nel","max_age":604800}
x-varnish: 233997561 230558612
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c9e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_thumb_sidney-12935276.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
5 KB 288ms
184ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_thumb_sidney-12935276.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 329ed7a7f4a9b8f4d59c51c09725dd2e70c22a3e2ee3eefe8cbd7ff696935e8c

Request headers

:path: /_midias/reduced/home/1_thumb_sidney-12935276.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 118
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4116
cf-request-id: 09c7553edc00004e8bc98b9000000001
last-modified: Sat, 01 May 2021 02:14:21 GMT
server: cloudflare
etag: "608cb97d-1014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vz1SMsm%2BssgTcuYxdTwCH%2FkUoT%2FI%2BJNGJ3ncG2FIsnILAt0JqZedcodUn038U9SMVI8Q3ryBAgCbGEzFAHynwvYZo0g1R5dIO9aAS0L5IL1sdGAK5Ee4L2dNNRaB"}],"group":"cf-nel","max_age":604800}
x-varnish: 233046242 233373949
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c9f4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_energia_limpa_2-15307955.png
www.opovo.com.br/_midias/reduced/home/ 23 KB
24 KB 303ms
199ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_energia_limpa_2-15307955.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86c5f6541755bcc63cab085cae7679be3583e6afefe5e336f977f4a8f5a59f4

Request headers

:path: /_midias/reduced/home/1_energia_limpa_2-15307955.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 117
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23868
cf-request-id: 09c7553edb00004e8bdb335000000001
last-modified: Sat, 01 May 2021 02:14:18 GMT
server: cloudflare
etag: "608cb97a-5d3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KVYlkRyd8qVMe8hh0PwsIq5%2FSwxomp2ml%2F2i8iPHLaoCcn3D7wZ7PBIawLCFQm6o1lRkeqXWqNQ%2Fj91urAJmJztA%2F6g1KKHIw7nbeTwJb0oTD2maf9daDvM69KRb"}],"group":"cf-nel","max_age":604800}
x-varnish: 232753042 231769098
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115ca44e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_botanica_principal17-11548231.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
4 KB 303ms
199ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_botanica_principal17-11548231.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9298f88a525ce9829ebe9ba4cf4692da2f12b278579999aa9453ed570b02b4a0

Request headers

:path: /_midias/reduced/home/1_botanica_principal17-11548231.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 117
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3744
cf-request-id: 09c7553edb00004e8b29182000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z9D5psvGuo7Qkjqt2254PI5kmQo7whXSxBDGtITVrhzcoo5z3qOUbTDoxM%2ByyF5VuEqVQAnlIwjBkYuJQ2yWzY2nNtL7f6TZDz%2FtztMsDJznry%2FcSNWg1Rw4WXdw"}],"group":"cf-nel","max_age":604800}
x-varnish: 230949611 233373943
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115ca54e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_violencia_internet-12264957.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 303ms
200ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_violencia_internet-12264957.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6709016dd2b93604284c2125b0b3859f14235bec1b914a07a21f0f810dddaca

Request headers

:path: /_midias/reduced/home/1_violencia_internet-12264957.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 117
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5408
cf-request-id: 09c7553edb00004e8b1aaeb000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-1520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ozsQZIiDJVGi4Fbc9DHopGDMcXaJN7K26d8iFoyFVJe9Rl8%2Ft4R6ZPoima4ELIEjgnqbpLAmSzk%2B8gjhkSI3Ap84zKW%2BQrYXsd8vmJBDIgiYXmV%2Fi7DBaePZXlvi"}],"group":"cf-nel","max_age":604800}
x-varnish: 233603918 230558618
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115ca74e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_alemao_kitesurfe_idoso__9_-10301272.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
4 KB 308ms
206ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_alemao_kitesurfe_idoso__9_-10301272.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bdb6f8aa5a7bc7d329c8ef830a1ed2c19194e59d91b3316192aae5ffbc4cfe5

Request headers

:path: /_midias/reduced/home/1_alemao_kitesurfe_idoso__9_-10301272.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 116
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3838
cf-request-id: 09c7553edb00004e8bc4ad0000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fBFSSsuVLIaUZky7OE418pYWwAoLqrtiRNAfxIjMqYFnu1iRYwdgny8K%2FeeM59HfpreNMJx7UuOhc5k9C7FTTiEXCfTgCT2ZP1w0nuy36mrMGNFpdrjpQ2Dz7l%2Bz"}],"group":"cf-nel","max_age":604800}
x-varnish: 230853956 230558615
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115caa4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_agir-13650005.jpg
www.opovo.com.br/_midias/jpg/2020/09/29/295x195/ 24 KB
25 KB 308ms
206ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2020/09/29/295x195/1_agir-13650005.jpg?r=no_reduced
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98d74970717c82f642c4388632e8853522c1e16f36190cc9b2aa3f06a9bd776b

Request headers

:path: /_midias/jpg/2020/09/29/295x195/1_agir-13650005.jpg?r=no_reduced
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 231079
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24518
cf-request-id: 09c7553edc00004e8bf33ca000000001
last-modified: Tue, 29 Sep 2020 14:12:49 GMT
server: cloudflare
etag: "5f7340e1-5fc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DDuyAuPiyAUwJIGxJQWPa2cIFeAtcFdc4gD6qHpemTKcumTLGxAgN68cIQj57skyEHR1NHNF7pGxGePC2XIB2HqnATvE%2Bd%2FS8E%2BSuCcUBGEu0GCg9AR%2FfISQ5Byg"}],"group":"cf-nel","max_age":604800}
x-varnish: 702414864
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cab4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 pause.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 305ms
207ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/pause.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094f185cfcb993d51c2047ca1ba82e1b4609fac9cdec41a4c464c55e5c4bef1f

Request headers

:path: /includes/assets/online/geral/imgs/pause.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 231079
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1708
cf-request-id: 09c7553edc00004e8ba5830000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-6ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TXIa%2BzySIVCE0y2w8x7diL3LDhoAEuV7mN7fgo7ICpV7QjHMO%2FqrpkgqJZrsYn9B8qn2QuT400XN0hFiPvMZFzgLVHheIB7r%2By555dYyhmJAJtuSkaM1kplO8RdM"}],"group":"cf-nel","max_age":604800}
x-varnish: 702677002
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cad4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png
www.opovo.com.br/_midias/reduced/home/ 17 KB
18 KB 305ms
214ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20026aa84c648fe8d0c406c01f503a37037ed007a4f63279abdd27fb8e69614

Request headers

:path: /_midias/reduced/home/1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 115
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17592
cf-request-id: 09c7553edc00004e8b09855000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-44b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y3TQjnGqUkVbTTICaCJW2PacbmT9D9Vlaal3h%2FSWk%2Fmnelo9X12EDQ8SK6z4ByTJqxYTJs53zw5vRJ4nIhbiO6CaOoy4qvBh78h2qewUwjTPdFZXsLoRHi7Uu396"}],"group":"cf-nel","max_age":604800}
x-varnish: 229413161 232980698
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115caf4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 comunidade-nerd.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 3 KB
3 KB 305ms
215ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/comunidade-nerd.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090e68adead733e6c4f72552fe5d5808ea5ae87d937ed40de5a3ad72284ae1b6

Request headers

:path: /includes/assets/online/geral/imgs/comunidade-nerd.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2840
cf-request-id: 09c7553edc00004e8bfd32f000000001
last-modified: Thu, 22 Aug 2019 17:18:36 GMT
server: cloudflare
etag: "5d5ece6c-b18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jytu6oa8zvHedlX7pYuDEnWWva7K5Pe4UrN7U%2BJya2Fk2oQ91DKU8sOb2MPUwYAlK4HY8uatOAaaibp5MTQGAFSXSIQM4YwbyR9n60ByKq%2FeA1nzDOtu%2Bl542VR0"}],"group":"cf-nel","max_age":604800}
x-varnish: 1017774202 1019839045
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cb04e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_cidade_invisivel-14730994.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
8 KB 300ms
215ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_cidade_invisivel-14730994.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7ac24fc14f0e3646d4c3e1cecfdf596cf3dbae1e5fcdc43239a1b69585bbe7

Request headers

:path: /_midias/reduced/home/1_cidade_invisivel-14730994.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 115
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7942
cf-request-id: 09c7553edc00004e8bf1963000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-1f06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yobaZ%2FKoeUHGMZ7I%2FURDbQPyLX9IuL57ogbMvfnPt8u8Tqv4FP6cIS3sZtGS7KMCD38mu5T8QlrQmMegkIOW0hhNKUbLSLMBifb4KjYfq2UsmnAToJKnOzj2wXjS"}],"group":"cf-nel","max_age":604800}
x-varnish: 229413163 232980701
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cb14e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 empregos-e-carreiras.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 3 KB
4 KB 301ms
215ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/empregos-e-carreiras.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e883baafd0aa9d5f7e1ba2b49d6a9c458e2085bc0575d00a31d5bde3e5ac5

Request headers

:path: /includes/assets/online/geral/imgs/empregos-e-carreiras.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3141
cf-request-id: 09c7553edd00004e8b12170000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-c45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7J3oo8mnGsX84RQwZuZnkC5Hv%2Bb1z66Xp46OXrrp5g8qQozBLCqHUyinPexyxrNZg3oj3AaRZn4AOxer6Lsanaj%2FVqcIiSOPnprbmHkh6Rf5wAryPSeRmSdEKd4X"}],"group":"cf-nel","max_age":604800}
x-varnish: 1011256407 1013745466
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cb24e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_3-14145342.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 307ms
220ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_3-14145342.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9197f7576ef57637c5e474669fd48214472afadac777b047225ce6ca48cf41cf

Request headers

:path: /_midias/reduced/home/1_3-14145342.jpg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 113
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7538
cf-request-id: 09c7553edd00004e8be418b000000001
last-modified: Sat, 01 May 2021 02:14:19 GMT
server: cloudflare
etag: "608cb97b-1d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5eweTkGTPOyKAW7V9FtgvVwXA9u9RjtCrcm%2FpGLRQogiqMoe7ZCctk2LdaMKhehkSJeB7Es0d5gKmjD6CzdAozvbLeCwrDPQob%2BL%2BGrNgJy%2FQ1S9ecwmcseFQL4h"}],"group":"cf-nel","max_age":604800}
x-varnish: 230525409 233799705
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cb34e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29

200

o-povo-online.png
www.opovo.com.br/includes/assets/online/geral/imgs/
Redirect Chain

https://opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png

6 KB
7 KB

20ms
16ms

Image
image/png

2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713

Request headers

:path: /includes/assets/online/geral/imgs/o-povo-online.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198120
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6467
cf-request-id: 09c755415d00004e8bf33e9000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-1943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9qh2qEaP%2B7EQwKt2w%2Fi1wkyZk2Hs7vgx4a%2Fy%2FwXvG2wd%2B%2F%2FDIQpX0KhkS9RsTR7PAIstkVnBeXogB%2FeI%2FCNMGVtIFAgQRpw1rR0aTvZvRNSWv52hHuQ7%2FXPmwcGi"}],"group":"cf-nel","max_age":604800}
x-varnish: 780602420
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b1569ac4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

Redirect headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-origin: *
cf-ray: 64858b115cb44e8b-FRA
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553edd00004e8bf62fc000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EGU3xDAHPcNO%2Fu%2FcPvoCHhYYukc07VpogdB8lAz2BlCvNrFtckTlSrtEzmpNpvaM%2BCz%2FbNPgJ4wNxgWy1nRXTgRmf556k2lQwx3baI5m21Bl8FwEwZehg8o%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 234455168
location: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
cache-control: no-cache
content-type: text/html
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.6.2/ 386 KB
113 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.6.2/firebase.js

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Nov 2017 23:34:08 GMT
server: sffe
age: 143808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115681
x-xss-protection: 0
expires: Fri, 29 Apr 2022 10:25:49 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 91 KB
36 KB 45ms
15ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P5LXTSR

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b66d71d6aae196d29c48d01b0efec55441631db3554faa1c8d8b62d15b9ab31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36026
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:37 GMT

GET
H3-29 200 jquery-1.12.4.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/libs/ 95 KB
33 KB 21ms
20ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Request headers

:path: /includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198119
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553c9400004e8bf62da000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-17b90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P%2BdRbQslKG1weF0tOWjAwoYXX6KcNAp5fGOFfKhLSUOl3o%2B6jNjlHSWYO5xN9FWSD3HsOr70fiYiqxR2ZoOJIxAeJ3W66knQ5J4pfJSnqXmj%2BisWAodLGdJAINVC"}],"group":"cf-nel","max_age":604800}
x-varnish: 781223010
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0db80a4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 custom.js Show response
www.opovo.com.br/includes/assets/online/geral/js/ 2 KB
1 KB 12ms
11ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/custom.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15273ff1ac56f84eebc440688d39df383582d67ab9970a5ee5f2ed3ecdff2ba8

Request headers

:path: /includes/assets/online/geral/js/custom.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 362968
cf-polished: origSize=4326
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553cb900004e8bfd311000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-10e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ex7qNDs4DWwKEOo3YTnmXyYmVxprZxTL46w7TokXe9DcHqGYqO%2FpyryhFcpIH4woEm749ViM8wY6BaQtd4SlxU9T%2BMBi8Tn9ULbs%2B9AJg5HIVV9KXK%2FUyhMnMaE5"}],"group":"cf-nel","max_age":604800}
x-varnish: 467108935
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0df8634e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 owl.carousel.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/libs/ 43 KB
11 KB 14ms
13ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/owl.carousel.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Request headers

:path: /includes/assets/online/geral/js/libs/owl.carousel.min.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198119
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553cc800004e8bd8bd2000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-ad3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SbqiCB1CoH46aVUZd6PbRTYTZRAXjhQsmUMQg3EP%2BxPFT5ZVWkHCz89WGVOvaNIYDiIiznc5kj9k4cUUUbRz97YcZSeqo%2FMraoevUTzXbfUAvC1HAhxUUMTJESqj"}],"group":"cf-nel","max_age":604800}
x-varnish: 782305035 780640274
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0e087e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 main.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/ 8 KB
3 KB 19ms
15ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/main.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e7822c35cdcf0e2ac5552f0ca767aed13b2cbf54d914ad8233c6b524ea85af

Request headers

:path: /includes/assets/online/geral/js/main.min.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75567
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553cdf00004e8bb5b31000000001
last-modified: Fri, 26 Feb 2021 14:37:07 GMT
server: cloudflare
etag: W/"60390793-21b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L1T1DBo6S6bTp4a17mBhGpWjB9S%2Bg%2BIYbqOC7BfNsxymhN8RFNxKbrd3%2BnS1RxGmvu3UAkQHKV%2FSpWQjyQSDJiE%2B7UlKwrLaczcLhyDehfnapjhhVHSxmAKOF%2BrY"}],"group":"cf-nel","max_age":604800}
x-varnish: 1019873278 1009977428
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0e38a24e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 home.min.js Show response
www.opovo.com.br/includes/assets/online/home/js/ 2 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/home/js/home.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818ec7e02e904eab6a9638557e17c3df7a981788dea3378baec71818df4aaf66

Request headers

:path: /includes/assets/online/home/js/home.min.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75567
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553cf200004e8b0db92000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-69e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LkuQ%2BJXZvxQ%2FcqnYmTjGc5yeYF7aqPxbPjIN%2FnOWcBLn9CcYsZkM3cgqU68ZX6zjPfqclqQtHPDQUnaowQyr%2Fk%2FDkI1DKtUFoe5ZbKWNsjESoyWwSVXPsC2mLH0W"}],"group":"cf-nel","max_age":604800}
x-varnish: 1019708785 1020625469
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0e48c14e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 check.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 127 B
850 B 14ms
14ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/check.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f58395f1404bd66a6685d12bf19baf7d6f340ad331b3388f5bf6f0cc463db7

Request headers

:path: /includes/assets/online/geral/js/plugins/check.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198080
cf-polished: origSize=159
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553d0000004e8be4174000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1CtQoxTYgdP6MuTb9iCivgaTba6kj%2B%2Fe%2FsvUILK%2BWcAnCi%2FQRo8yT3kFlVw1Qb9i8RD6vaiFbHVtE%2FPIliPA%2FI6zwuEe7vkKn%2BjVbR368Vs36Iuxt70r7PufJ%2Bh3"}],"group":"cf-nel","max_age":604800}
x-varnish: 781223022
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0e68da4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 web-push-notification.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 2 KB
2 KB 12ms
11ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/web-push-notification.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfc998b6b2333e071601dbff62e890651f439e66179d3eb000241eefb17d85c

Request headers

:path: /includes/assets/online/geral/js/plugins/web-push-notification.min.js
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75567
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553d0a00004e8bcfa60000000001
last-modified: Mon, 08 Jul 2019 13:38:17 GMT
server: cloudflare
etag: W/"5d234749-8bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bkIni6e82NCJb2gJ%2BtRtozaJ53PX0VqXyZ3YZ%2FzdlXLvQHImB9%2F7u5AlnHTbjWJuhNrfCiRdaJkpnQ19JtUPgSwCLc6XYZkr9L23CWHVMhiu5BLYSC8S83A4miB4"}],"group":"cf-nel","max_age":604800}
x-varnish: 1019873283 1011025592
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64858b0e78ea4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 969ms
868ms Script
application/javascript 65.9.69.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54f93e9c10e60babfaaa671b990efaf804977c25a6de037d725376a240126d3d

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kcnXPsDERBBih5wkmjjg45SZOibEm2zo
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 13:23:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"098e519f228be66f4ce201f3e941f897"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control: no-cache
date: Sat, 01 May 2021 02:22:40 GMT
x-amz-cf-id: EW8BcJVDG9tn5jXsqTYgYzibEXEr1XrwkpQmd0-AsUXnkA-rD2hZ9g==

GET
H2 200 rdstation-forms.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 178 KB
48 KB 211ms
75ms Script
application/javascript 65.9.69.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23addc956464503578d051fa820a2c4529f2291dca055b2d62b054bb81cf8f88

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:02:46 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 14:02:28 GMT
server: AmazonS3
age: 1253993
etag: "7889178e61b8b03e10382e87fab9e3fc"
x-cache: Hit from cloudfront
x-amz-version-id: 8CuM2JQKANE3Qpwom.AL839TzNihCz7P
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control: max-age=315360000, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 48643
x-amz-cf-id: n7w0kJTslOH9yC3fq-ZQXsz4voD_8tMMFhus8pOEmWV3tqju-pFdDw==

GET
H2 200 ws-TWHDNHFV.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
934 B 451ms
104ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cb7ef62603ce68e806e9f3f9fd2312c388263059871b9d0e690231ebf4256e07

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
content-encoding: gzip
last-modified: Wed, 31 Oct 2018 17:31:20 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"cca06fd081c7423a71325d0ea0324fb7"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 / Show response
c.jsuol.com.br/assets/ 142 KB
49 KB 199ms
0ms Script
text/javascript 2600:9000:2104:5e00:12:c12e:4e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5e00:12:c12e:4e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 43a07afa251885987480611f7a5f76c48949eb6556122ccffc2c6de6cb558707

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 10:23:51 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 10:23:46 GMT
server: marrakesh 1.16.6
age: 4463927
etag: "aec28d28f5b18ad6af40f8ca9f9de17a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=31536000, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: AMS1-C1
content-length: 49477
x-amz-cf-id: q11Z1WNpxwyK4w5y4sZ794dfdb5gi9QFM_f-Zk_GJzAWZHVhsHY2TQ==
expires: Thu, 10 Mar 2022 10:23:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 222ms
66ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

885ebfc33b635a210faf10a830b985c16122e5fcec3e4638eca96755a3069af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "858 / 704 of 1000 / last-modified: 1619820605"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21192
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 94ms
0ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23310373-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2523
date: Sat, 01 May 2021 01:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 01 May 2021 03:40:35 GMT

GET
H3-29 200 pubads_impl_2021042701.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 76ms
70ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 01 May 2021 02:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108684
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:37 GMT

GET
H3-29 200 sprite.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 25 KB
25 KB 304ms
220ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/sprite.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dd8c3796600c28cb55f80e3b365e818144fc506624f1825538091e7eab9f15a

Request headers

:path: /includes/assets/online/geral/imgs/sprite.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198120
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25133
cf-request-id: 09c7553edd00004e8be4a74000000001
last-modified: Mon, 15 Feb 2021 17:06:17 GMT
server: cloudflare
etag: "602aaa09-622d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UWeXW2yabuc78RHyjwtFzPP%2BhcUYVlvmXJmNnPf5XN%2FHqIptA0sZ8e1%2BD3iXKGKr9vh0BomGbxDXXkEDczEBZVTUKYi6s9e3LxwM8xbDHfHHtFuBngah63KnydXw"}],"group":"cf-nel","max_age":604800}
x-varnish: 781484461
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cb64e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-italic.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 35 KB
36 KB 129ms
60ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-italic.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d48f5f637187fe83bff6165783efb3dac15cb3d10ba166d92f37312dba9a4ad7

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
:path: /includes/assets/online/geral/css/fonts/oswald-italic.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198117
content-type: font/woff
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36200
cf-request-id: 09c7553ed900004e8bdeaf2000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-8d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8P4zdCCtAPXFs0H9m%2B3o2WHSJI8Fp%2F5SiKTY%2Bbw6UCOKbQKqfHp7Q9qbNeXv0xVqH67uhab27XkreT1gdHg5hAO%2FsLH9Em5RXCBRFwEEvR%2BEhtZ6YvThxvDlXhDm"}],"group":"cf-nel","max_age":604800}
x-varnish: 780602414
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115c944e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 o-povo-online.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 6 KB
7 KB 306ms
232ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713

Request headers

:path: /includes/assets/online/geral/imgs/o-povo-online.png
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 198120
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6467
cf-request-id: 09c7553edd00004e8bcfa79000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-1943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZYVZdhBeYJxBx4aGsVYqSRP95ElULnQX%2F1JjZpi%2FT4x0GAoA7vrOcekm05oSZHu94rTuhRazcr5h35mhlsVQzWw5QUkW6VgFTbCWhFK41njrnTh%2BOflAJ5iSOCYu"}],"group":"cf-nel","max_age":604800}
x-varnish: 780602420
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115cb74e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 opmais-menu.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 306ms
233ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/opmais-menu.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c357602ca06d0f50246880e2594b175c3ac470110ed13ea8336e149d78e2de

Request headers

:path: /includes/assets/online/geral/imgs/opmais-menu.svg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 84007
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c7553ede00004e8bcc2dd000000001
last-modified: Wed, 14 Apr 2021 20:47:46 GMT
server: cloudflare
etag: W/"607754f2-946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lktld05D%2FyA2Xsr1Q2AlLlcHinNdJbNgZgpzrPQeAGvABIUVXEk4xJm6e6P1ILAECbjX5aiuYQbegLOyLP5Mz416TOq8XRMPF49G%2BU7yVkdRL34qkxi2SlFEj1%2Ft"}],"group":"cf-nel","max_age":604800}
x-varnish: 998180690
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64858b115cb84e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-regular.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 27 KB
28 KB 253ms
184ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-regular.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43467ea5d461a0509fc8b4f4fc544fc0fe66d4caaa9004b830a2c589466601a

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
:path: /includes/assets/online/geral/css/fonts/oswald-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: font/woff
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27752
cf-request-id: 09c7553edb00004e8bb9921000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-6c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RjN%2BXR4uDUDMeWrnILCU4YVjdn3j8b1L4Mu5jTxPquE2FqpyJlCitMBAjVl3IkqfigH17a5MVWSAY4f6BNEQWbHEpWXIEfp6Dx2350N%2BeKWjq65dQiXuo5Paba3v"}],"group":"cf-nel","max_age":604800}
x-varnish: 1019708812 1009419938
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115ca14e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-light.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 27 KB
27 KB 261ms
192ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-light.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69de99231158e36ac4ce5d52a93af7a1574a4f79a8fd79b0d21b49d85105c3a6

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
:path: /includes/assets/online/geral/css/fonts/oswald-light.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:38 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: font/woff
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27212
cf-request-id: 09c7553edb00004e8b0f21b000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-6a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cs5%2BA0HtTE4%2Bxlh9qukoZys2JIY5w2MWYXJGVJwba4CIO98%2Ff69XLwZQeXuXTn6wnZRs5B6fRrAayAIgskBlWy0tPI8zeP90jez9f5FDqElv7l5EDiDP%2BvvH6xyq"}],"group":"cf-nel","max_age":604800}
x-varnish: 1020756643 1011025598
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64858b115ca34e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
799 B 413ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 412ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 210 KB
37 KB 766ms
765ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3827330936308599&correlator=1348760778553747&output=ldjh&impl=fifs&eid=31060923%2C31060504%2C31060795%2C31060840&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=10216148%2C29%2Cbillboard_home%2Cbanner_bottom_desktop%2C2124%2C28%2C24%2C25%2C20%2Cteste_digitalpremium%2Cselo_jornal_home%2C30%2Cout_homeportal%2Clb_portal_home%2Cbg_home_noticias%2Cbg_home_jornal%2Cbg_home_esportes%2Cbg_home_divirtase%2Cst_portal_assine%2Cvi1_imoveis_home_populares%2Cvi2_imoveis_home_populares%2Cvi3_imoveis_home_populares%2Cvi1_veiculos_home_populares%2Cvi2_veiculos_home_populares%2Cvi3_veiculos_home_populares%2Cbe_portal_home&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F9%2C%2F0%2F18%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21%2C%2F0%2F22%2C%2F0%2F23%2C%2F0%2F24%2C%2F0%2F25&prev_iu_szs=300x250%7C336x280%2C970x250%2C468x60%2C300x250%7C336x280%2C300x60%2C300x60%2C300x60%2C970x90%7C728x90%7C970x150%7C728x300%7C970x250%2C1190x250%2C300x60%2C1x1%2C680x540%2C1x1%2C1750x720%2C1750x720%2C1750x720%2C1750x720%2C1190x250%2C290x300%2C260x280%2C260x280%2C260x280%2C260x280%2C260x280%2C260x280%2C1x1&ists=40961&cust_params=t%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1619835646&dt=1619835758443&dlt=1619835757413&idt=657&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C205%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C192%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4119730198%2C3278770389%2C765604454%2C894174196%2C2321965323%2C1611662773%2C318812021%2C2678070680%2C2257760347%2C2022424191%2C671498278%2C1008266836%2C4034438472%2C2530977655%2C1404135940%2C1363791537%2C567913026%2C1572472801%2C3121468511%2C2792545042%2C736315307%2C233207977%2C3653363857%2C557447621%2C3288225154%2C1754881613&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.opovo.com.br%2F&ref=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1190x150%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1190x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1215867968.1619835759&ga_sid=1619835759&ga_hid=218022963&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

09a03c083501f18899598fa726c83a77d0105aedcfa76b9aa88ebaa811dff0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38166
x-xss-protection: 0
google-lineitem-id: -1,-1,5675760410,-1,5395992609,5677639880,5677262793,5675027261,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138347374755,-1,138337188415,138347601690,138348173431,138347231030,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 71ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 30ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 logo-opmais-col.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 11ms
11ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/logo-opmais-col.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25ce31806de1eee3a851d1bc47e269def862c12fc7a6150f08c579f86f71014

Request headers

:path: /includes/assets/online/geral/imgs/logo-opmais-col.svg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c755419d00004e8b0dbcf000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-954"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lao%2BfMb9HlbBA1X3dC3brg9yn7cVp9xTH%2BvQRw0yp4uvs1tKnFTb%2BuVBwmyUPIr8felYrHv5q9FNDWF3Im6GwrFYM42xT3pabxSfU1gnhYWDYoKD0JyX1tUPig%2F4"}],"group":"cf-nel","max_age":604800}
x-varnish: 1011256411 1015515584
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64858b15ca2f4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 chave.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 1 KB
1 KB 14ms
13ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/chave.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a45590a3bf9f39d72dd53301f9897396f2dfb19dc1d38f0beabc965c8351a2b

Request headers

:path: /includes/assets/online/geral/imgs/chave.svg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c755419e00004e8bf5b52000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NtmP2uAZUmp4mUfct2bbtpn2kItguNZC06yp1AevA1rMuMlZXXq0t%2BlrjK%2FYRB4HiVWsGaM%2BC2isEDajCx%2FGRk5m9I4b6lXPGU7QCpMUbZ0YUt9sorfUyVxwMq9a"}],"group":"cf-nel","max_age":604800}
x-varnish: 1011256413 1006701164
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64858b15ca344e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 cadeado-cta.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 510 B
1010 B 11ms
11ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/cadeado-cta.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b4692dfccb38aa3b791b809c6475ccf144079687c9d9569849b93af6d03c89

Request headers

:path: /includes/assets/online/geral/imgs/cadeado-cta.svg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c75541a000004e8b04a9f000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-1fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tXpiu3ogyJxN10nJNculgunoBlR0mGq%2Fa0xB3TSrnBgM9CPDZb7n2oIQVYwKemg7UYivN63he3%2FzVHdpRpPh6GMKRvDEhRATYGizOhRYAs2p%2Fk%2FtHeGEm3%2Bou0l8"}],"group":"cf-nel","max_age":604800}
x-varnish: 1020756647 1020625502
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64858b15ca3a4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 chave.svg
www.opovo.com.br/imagens/ 1 KB
1 KB 14ms
11ms Image
image/svg+xml 2606:4700:3033::ac43:cb93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/imagens/chave.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:cb93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7323a82847be2df6a9510ec0ddcedebeb02b019f5ee092cd2da501ee094ad02c

Request headers

:path: /imagens/chave.svg
pragma: no-cache
cookie: __cfduid=d4d84d3d527454afcf2878c20f681ea2d1619835756
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75568
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c75541b300001f452f1e6000000001
last-modified: Wed, 17 Jul 2019 18:55:05 GMT
server: cloudflare
etag: W/"5d2f6f09-59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vDonb4oERvYVQeD5lvQr7sgQZ470faPNLqudMPkQ4kGz3XAmMpK9RlfnHzOPdHH985OmjZm2igOkfW7FylP5AiXbyl5rgfAaN%2BpEzPtxa8Uu6sR2QOAi2AnqZORl"}],"group":"cf-nel","max_age":604800}
x-varnish: 1020756645 1016299729
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64858b15e96d1f45-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 32 KB
32 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:30:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:03 GMT
server: sffe
age: 143556
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
expires: Fri, 29 Apr 2022 10:30:03 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T6KFSVV&t=gtag_UA_23310373_1&cid=1215867968.1619835759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f620455f0a97e5a0372834ccbe4109d656a04db3fe989b4f59178b09aeceb5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34853
x-xss-protection: 0
last-modified: Sat, 01 May 2021 00:18:43 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 May 2021 02:22:39 GMT

GET
H3-29 200 carta-portal-newsletter.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 4 KB
2 KB 24ms
23ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/carta-portal-newsletter.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18441c7811abba1194a8130a3ec786d24b4a9d8ae6e8486147e47856b5ca0d1

Request headers

:path: /includes/assets/online/geral/imgs/carta-portal-newsletter.svg
pragma: no-cache
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75567
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c755428e00004e8bae337000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-e6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z4JOobBS8%2B%2BUNot3s86FiJ53U342vDcVSIs2L3lNLvkOsJZCqfDFsnilfWo3oDDlHkGuE5hFvrsJOIpOYIXEc0tjIBLAa%2FEKFAlPW8ACcLxFISCTce9CgqX2EDiQ"}],"group":"cf-nel","max_age":604800}
x-varnish: 1020756652 1015515593
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
set-cookie: __cfduid=d6c59048e0e41708a9bd2da0275effc221619835759; expires=Mon, 31-May-21 02:22:39 GMT; path=/; domain=.opovo.com.br; HttpOnly; SameSite=Lax; Secure
cf-ray: 64858b174c994e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ceara.png
www.opovo.com.br/includes/assets/online/esportes/imgs/ 4 KB
5 KB 23ms
22ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/esportes/imgs/ceara.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc27093a7206bc10971963a8ce40453a4f0c6a01754559009c6f00cb3498d65

Request headers

:path: /includes/assets/online/esportes/imgs/ceara.png
pragma: no-cache
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83836
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4600
cf-request-id: 09c755429000004e8b01a83000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-11f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7yOx3Ng1eOpvyaIs8CS9iKeosMaqnMpH1hjsUGsX%2ByIBEj8rv976FK1sVuGHRf9CPsF%2BxLdVfDyPRRxpM7kYpRpm1JHL7clEeq8Gf3IoU3y%2F%2Bx%2BCCOv%2Bl4IlbxkC"}],"group":"cf-nel","max_age":604800}
x-varnish: 999067033
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
set-cookie: __cfduid=d7f831516957c5bd9dbac233e48fa38aa1619835759; expires=Mon, 31-May-21 02:22:39 GMT; path=/; domain=.opovo.com.br; HttpOnly; SameSite=Lax; Secure
accept-ranges: bytes
cf-ray: 64858b174c9e4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 fortaleza.png
www.opovo.com.br/includes/assets/online/esportes/imgs/ 5 KB
6 KB 24ms
23ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/esportes/imgs/fortaleza.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bba4ee8766e7683a421df6e1c097c303b940d05b3f8139a01bc0ec910d9b6c8

Request headers

:path: /includes/assets/online/esportes/imgs/fortaleza.png
pragma: no-cache
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 83836
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5293
cf-request-id: 09c755429100004e8b1ab20000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-14ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0fiCglKD7LvoFXXpfqrmfJTURhJS3g8%2BwjIpWQeEW8ACtvdUuNJMnXEjwor5OZ1TTt9eTXX13k5jJu7RvaS30Z9Hr7E0IB%2FJwOexmRGPSym4n8uhOawCxCT30dQt"}],"group":"cf-nel","max_age":604800}
x-varnish: 998180779
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
set-cookie: __cfduid=d7f831516957c5bd9dbac233e48fa38aa1619835759; expires=Mon, 31-May-21 02:22:39 GMT; path=/; domain=.opovo.com.br; HttpOnly; SameSite=Lax; Secure
accept-ranges: bytes
cf-ray: 64858b174ca04e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 nobetaads&id=opovo.inter Show response
api.nobeta.com.br/ 35 KB
12 KB 254ms
190ms Script
application/javascript 35.244.156.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.156.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.156.244.35.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1b2fc79536c8ab2f98419ead1cc323c8945371c6e5019ed79f593e877d48a8ab

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 16:39:25 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=604800
alt-svc: clear
content-length: 12488

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 31ms
10ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: NZLJg5NhT+0N2jku8cxpvwCkOg4NHhUjqTK2yjqJn74eLFB01CV1AceqcWssG4aZSICcmvKciclZapRZ2Ja5Qg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 01 May 2021 02:22:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 top_esportes.json Show response
www.opovo.com.br/_files/json/ 3 KB
2 KB 13ms
12ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/top_esportes.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50c133dc299d71b3a0d1e9376696173623c1380eca53c52367f69af4a2a0d9dc

Request headers

:path: /_files/json/top_esportes.json
pragma: no-cache
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759; __cfduid=d7f831516957c5bd9dbac233e48fa38aa1619835759
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1283
content-type: application/json
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c75542da00004e8b0dbe2000000001
last-modified: Sat, 01 May 2021 01:49:09 GMT
server: cloudflare
etag: W/"608cb395-dcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UPm%2BE5ixMwh3RXg3OqGPB4IszOFZdfhIh%2FX8qypZ%2FhclmAEtuHDC%2F8pk9EnXeiWlhk7NJoSDn%2F1qy6PfPROa%2F7EKfgiygqgmd0wWPzHui8oKg3p2ZjFsZmpkqwNe"}],"group":"cf-nel","max_age":604800}
x-varnish: 224957175 229836830
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 64858b17cd1f4e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 opovo_online.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 7 KB
3 KB 16ms
15ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/opovo_online.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e7384be3ec1e42038e5e414d62684acee8a12c0be98fd8b4ccb480d20c9435

Request headers

:path: /includes/assets/online/geral/imgs/opovo_online.svg
pragma: no-cache
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759; __cfduid=d7f831516957c5bd9dbac233e48fa38aa1619835759
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 75276
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c755433100004e8bb995a000000001
last-modified: Wed, 14 Apr 2021 20:47:46 GMT
server: cloudflare
etag: W/"607754f2-1d7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4UDe6FaoHjyjQMBkaBgBeWTf%2BHLj1RS%2F2QVCpt9tr5vlQwHot41HeMeOfHOGmFuGFl4IUEpCt4N4W%2FG%2F12CArgRSmr%2FUrl45s3MdVWjkPULr4zrNh2u%2FJlOYPEmm"}],"group":"cf-nel","max_age":604800}
x-varnish: 1021051937
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64858b184dc44e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 187ms
54ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 5466
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1619835760.614358,VS0,VE0
x-served-by: cache-hhn11552-HHN

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=218022963&t=pageview&_s=1&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAUADQAAAAC~&jid=126752590&gjid=440669130&cid=1215867968.1619835759&tid=UA-23310373-1&_gid=148090516.1619835759&_r=1&gtm=2ou4l3&z=2071582336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=218022963&t=pageview&_s=1&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAUADQAAAAC~&jid=1706597747&gjid=1776701060&cid=1215867968.1619835759&tid=UA-23310373-1&_gid=148090516.1619835759&_r=1&gtm=2wg4l3WBWHQHX&z=608911378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 404 destaque_home.json Show response
www.opovo.com.br/_files/json/ 145 B
714 B 692ms
689ms XHR
text/html 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/destaque_home.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759; __cfduid=d7f831516957c5bd9dbac233e48fa38aa1619835759; _gat_gtag_UA_23310373_1=1; _gat_UA-23310373-1=1
:path: /_files/json/destaque_home.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:40 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 64858b19efb74e8b-FRA
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c755443700004e8bb0b49000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O1vCNKpwp0JpSIqWGjluWV6GaLP8TZ2vQbbUmg1pPWGFocgkxJ4U26qKviRZ2P8t15rc%2Fv99ddCmpMgAGK0BwzCJxF9KoVsFfcGPBTWxfhDgtCZzg8PqVmNXCcuV"}],"group":"cf-nel","max_age":604800}
x-varnish: 230525815
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html; charset=utf-8
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 top_home.json Show response
www.opovo.com.br/_files/json/ 4 KB
2 KB 17ms
16ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/top_home.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8634980ac739ed5d42e29db2fa908325d12c57b6eaab2ce0a4f6ee49639884f9

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759; __cfduid=d7f831516957c5bd9dbac233e48fa38aa1619835759; _gat_gtag_UA_23310373_1=1; _gat_UA-23310373-1=1
:path: /_files/json/top_home.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 131
content-type: application/json
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c755443500004e8bcd37f000000001
last-modified: Sat, 01 May 2021 02:09:21 GMT
server: cloudflare
etag: W/"608cb851-e73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JGNjdEqT1BUhkIaYjzHfZo4E7Dh8CkmUbZV%2BGuxJV1%2BoJ7lOEuRL%2Bn2Bs6wniMTtCGGthulAuIuVnnVflRCdk%2BCEN0NDAjkoCg%2BbAt5t%2FbipXI3UjSumlum55m9B"}],"group":"cf-nel","max_age":604800}
x-varnish: 232457714 232358482
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 64858b19efb94e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 trend_topics.json Show response
www.opovo.com.br/_files/json/ 10 KB
4 KB 18ms
16ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/trend_topics.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6c79f8dcdd964c0067229826bd38e6fd0cc6d224d4f0897bc0b89c6917dbb8

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1215867968.1619835759; _gid=GA1.3.148090516.1619835759; __cfduid=d7f831516957c5bd9dbac233e48fa38aa1619835759; _gat_gtag_UA_23310373_1=1; _gat_UA-23310373-1=1
:path: /_files/json/trend_topics.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 131
content-type: application/json
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c755444600004e8bc4b19000000001
last-modified: Sat, 01 May 2021 02:09:25 GMT
server: cloudflare
etag: W/"608cb855-2662"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C%2F%2FEJsEDrPbIGhE3a5ahL0yNxesbI0lsXIZxi7nqe5bwuGOGMiZcAVOnojENOw05PvEZIObtO1ttcJbTwzw9KYkR%2F2i1XNLuU7bC8KylCEmLCeg2oD%2BybhfEuU9C"}],"group":"cf-nel","max_age":604800}
x-varnish: 232457728 233832763
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 64858b1a0fd34e8b-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 hotjar-199973.js Show response
static.hotjar.com/c/ 3 KB
2 KB 172ms
55ms Script
application/javascript 65.9.84.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-199973.js?sv=6

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e297d2a4a7c91c0c992231230f895c4e6c90b5b37f06a73e846d85c697fd088a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 19
etag: W/e4622b48ede65ee5200022330a8b39bc
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: AMS1-C1
content-length: 1541
via: 1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-amz-cf-id: rwAh-2B_-vgACzB3EeS2PcH1l9GrCEnQKKMVtgq7-a71J4x70-kBng==

GET
H2 200 escolha-de-newsletter-5b7e7a60e997e46fe455-html Show response
forms.rdstation.com.br/ 39 KB
39 KB 523ms
159ms XHR
text/html 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.rdstation.com.br/escolha-de-newsletter-5b7e7a60e997e46fe455-html
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 52ecb1bb746a09526edf118c79dd612045a3e411317ec429a3ad440475f79101

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 01 May 2021 02:22:40 GMT
content-length: 39755
content-type: text/html

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 534ms
130ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=TWHDNHFV&h=https%3A%2F%2Fwww.opovo.com.br%2F&t=1619835759708
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 6814ecdebcaa88ba8983e8167b226708910d9a234adabd105348317ba4d75a1f

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:40 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 251ms
77ms Script
application/javascript 13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:58:57 GMT
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: lgMymrRKBpq528RpUoKEqBH9Ch-JddNrv9Wn84L3mvSLX_rreeAg8A==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 08 May 2021 02:22:39 GMT

GET
H3-29 200 200307651652585 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f03f:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/200307651652585?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67f308c82c94beab0f19774ad46800bf75374459d800718fc2684c3fedd5a639

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74082
x-fb-rlafr: 0
pragma: public
x-fb-debug: JtF6JC354WgBin+2ABWrcu32dqpEVmRetzGPCAit9pf94tC1l+J7+FYOtCn+Kn6pWzCp8gudqBrZaTE3UBHbPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sat, 01 May 2021 02:22:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 container.html Show response
dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F484 6 KB
3 KB 19ms
17ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 01 May 2021 02:22:38 GMT
expires: Sun, 01 May 2022 02:22:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BA5 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 01 May 2021 02:22:38 GMT
expires: Sun, 01 May 2022 02:22:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A980 0
0 108ms
72ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVRfmwoMen0AnYXvE5tFYH6UovGuDXI4w3eoGv1sSxqvxmXfwZ7OY9AMuRyJDeWGEq9CEVd1Il0zj4nvf9Pm49BoHtOD43Tk9RCvrezYrb48jBy47BwkgSSfjBCpqYNEcc4icbZrhLsH_ZTYOtM4NkiGRFNlmzJLuITxeSX0BNE7LnLm-cP3200e6wuHLeR8S_3eKJY9rv7Z1bHwpmghNJgZ1NApj7fcLgp-eSlr4y-SC1GQJJcHS4SbiNibxDWOCt_JT3kxmfZa46tJ3sc-wTUPplPyWaF4LhPFyLfuhsYIktga7UZd0&sai=AMfl-YRimb8StDK4KIsoq1u079Kvz-42D8VKFsXVviwqJIAWd2JT10riUQGVQaGkmH2Gb430-4ciEQFIQn9vf98klITNjbdv19rBEdNS9jUl_zBsPU0zAsw3hRAHIgRUL38&sig=Cg0ArKJSzNosO4PC-pdtEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 01 May 2021 02:22:40 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame A980 17 KB
7 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:32:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame A980 2 KB
1 KB 46ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A980 116 KB
35 KB 841ms
10ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A980 0
0 57ms
23ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRD8moouh1XY6i5p_mC4KAgu7uAGnG0F4cQZ-gdR7MrPF_-07YcFAH_te9TcxsVBQRPhHjN
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 11858575098347432924
tpc.googlesyndication.com/simgad/ Frame A980 12 KB
12 KB 45ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11858575098347432924

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4f8409746644e557484286fb9c538b6910a640acee551777703106a017bddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 09:23:12 GMT
x-content-type-options: nosniff
age: 61168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12042
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 19:04:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:23:12 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 870ms
73ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 30ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=1215867968.1619835759&jid=126752590&gjid=440669130&_gid=148090516.1619835759&_u=aChAAUACQAAAAC~&z=309029663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 01 May 2021 02:22:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=1215867968.1619835759&jid=1706597747&gjid=1776701060&_gid=148090516.1619835759&_u=aCjAAUADQAAAAC~&z=2019226343

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 01 May 2021 02:22:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 61ms
60ms Script
application/javascript 65.9.69.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
age: 54932
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
date: Fri, 30 Apr 2021 11:07:09 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: zGbYDi5AiN9Izm7vrAmodRIY88qNOiyi_AXv0vT1Th87BPDGRYK7oQ==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 61ms
60ms Script
application/javascript 65.9.69.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fvUeuGFBK7nhwvE_ycf2sTAfAQff3DpI
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 17:57:29 GMT
server: AmazonS3
age: 6762
etag: W/"79eba5359f199f99d84acbac958db7bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
date: Sat, 01 May 2021 00:30:23 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 4s7Ei5u3ZhHaVNZTvLyd-n2SzYWJjvCGMkFYCanajKYOBX3bKa7law==

GET
H2 200 index.jsonp Show response
geoip.canais.uol.com/ 32 B
423 B 804ms
65ms Script
application/javascript 2600:9000:20c8:ba00:1f:f9d:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
Requested by: Host: c.jsuol.com.br
URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:ba00:1f:f9d:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 8a5d5b04058d52772fc46f83376da4139e4b135d4c73ae262a19faac21860678

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:39 GMT
content-encoding: gzip
server: nginx/1.10.1
age: 1
vary: Accept-Encoding
x-forwarded-for: 2a01:4f8:192:5414::2
content-type: application/javascript; charset=UTF-8
via: 1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-cache: Hit from cloudfront
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: UtdThkhpfRy5b5UCSvC1Jzocx_kUD4Y9E8FL7wFQdD2-nFPUyZFR7Q==
expires: Sat, 01 May 2021 03:22:39 GMT

GET
H3-29 200 container.html Show response
dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 008F 6 KB
3 KB 230ms
72ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 01 May 2021 02:22:38 GMT
expires: Sun, 01 May 2022 02:22:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4FA 0
0 91ms
84ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAbseH7ZNzTrxO2vcdXfLBzXeY_uSfYqBBcPazljJHY420Qbtpym2Ig3CGVAsp-bVmY01j-N1oXd_fS3gxPeYXkqadtmpf-bWeMfj7MG03Uf5oS2q8wYq5n6DrnN1Dzs5t2Nq2TOkbCvfUCicyTskhUscdiH6bDcwQzW00O7BFiHEYsaiNhKof_dp74C8iDtQMJh1safb7d2o6tU7woH6RCWWzYp7tL_HWIkLHKQtPTxcxBpwqk8l0jizR4z2Wy7zHZwPR7BltTcVMav0IfxRMS-Z7Hj9VHA&sai=AMfl-YSr4nJZP_R4QYnFAn_IoLwKfywwZCMiL6LLN2B-VC_GzEtgsFNDnxNDuM-kB_yKY_-HFuH0ta5unI4rA2yvKGDDHSZ0LfuXvtiXgvsApHbhSaMH1JGnSLDv2GsO-lg&sig=Cg0ArKJSzMg2QpBfEuCIEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame F4FA 17 KB
7 KB 438ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:32:23 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame F4FA 2 KB
1 KB 458ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4FA 116 KB
35 KB 352ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:40 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F4FA 0
0 28ms
26ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTr5J0kXx9LnUnLnqnsqywT0OjoYVHPy8EUWRrHdkVCbeJiDYeF_oyZ3Il7wmgYnu5Dzc2G
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 14432587810747166405
tpc.googlesyndication.com/simgad/ Frame F4FA 10 KB
10 KB 407ms
39ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14432587810747166405

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a376f672c12525ddb21faadbf8f4b31422c99bd44b16c723d018b7ff7e2a5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:14:40 GMT
x-content-type-options: nosniff
age: 130080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10364
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 22:14:54 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 14:14:40 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEDB 0
0 76ms
45ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy-5cHCrMP79ACznp3ce3vqklKCkWD_mJ8QZd73dk1-9oU72ip6kQID4_Ep0l2Vmy20Qjhqk6Jr57SAZYE1l_f7emLm8LR1RPlRQG8KIPWA03tEPcRuMbaL9hs88Zu-P21RRDJ-v5g7-CxAK59PfHxUChAAGpK-d0TntTI95p3Og5NAz7cD5bxzax2dGEjvpBc4s0hzm6FO0N8D3QtfOv1meRQ3Nd7m4zeL5pASCgeMQO2LN2T_ghLNXQknbCSUkXisIwv3qOutRQ2JUoDd_zHL-YqQ409dw&sai=AMfl-YQ75nLNNt3e9F7lfLJOV0x9KcojO0ijlO6njG0ubPCjDBYm85OAUZOXlj-dBvxD0UId9-tndkfzWhhsjVmh-Hg6kOGjTj3AZXCywY9EUiu_OY81SRAdcsVL2r7NFDQ&sig=Cg0ArKJSzEo1yKYe4OZxEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame FEDB 17 KB
7 KB 323ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:32:23 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame FEDB 2 KB
1 KB 322ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEDB 116 KB
35 KB 262ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:40 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FEDB 0
0 16ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgi2aLFJBB6GOfBqosgsu789oWY6TAbMgQb68t8ZN1k-vyWUEhBsULtvg3rv9gVoi2JY7M
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 7661657006731689523
tpc.googlesyndication.com/simgad/ Frame FEDB 22 KB
22 KB 334ms
51ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7661657006731689523

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74263999d6480ed2829a1de981c552714ad2a9020305c60233671db5fd14135b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:58:57 GMT
x-content-type-options: nosniff
age: 354223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22166
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:01:05 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 23:58:57 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EC9 0
0 74ms
73ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_E5wl1RV28PNzsNeMNi0QOrIyo_vvZ1us4Ji8jL3jRLDePjtPPsrrhOBSgi1vtvfbbDsAC4psv8idfmh0VthtZi5gYMDdc-xUVX5VAUVtrKoa4BezCHNe98eqdBsg9x5BppWbsRhins8YaAvbUxcf01s5wDfpVLhxgueVqstqKbIltM2RZh8Vxg8LJGSQHE9Fpvbfo3GJVxe-N1Mnakdp6tp3mIJGyHbZjrwVnbHbILjQpJ2pAv_tyFp7tVqI2jtrjAuQzHBTs6Q2955yiqRudbJNBg&sai=AMfl-YRZmroPAKhm_JHMR8WJtkgAIh7oj1ZetHtcoi7Yayh83NR7vKWd19WqkK-hFBFT5mQw6X_rW4YMIs62a7kyXg_aKXj0Qmaxk82I347B4RIBiDE_u_5Ubcun6JEO4Rw&sig=Cg0ArKJSzHLRGnPhOqu4EAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 0EC9 17 KB
7 KB 319ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:32:23 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0EC9 2 KB
1 KB 374ms
97ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EC9 116 KB
35 KB 310ms
79ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:40 GMT

GET
H3-29 200 11794506702905678100
tpc.googlesyndication.com/simgad/ Frame 0EC9 21 KB
21 KB 320ms
51ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11794506702905678100

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee28d55f07003a9e83e501d53f2d8e7b31f636643b67fed0d879d668d434a421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 23:05:57 GMT
x-content-type-options: nosniff
age: 271003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21187
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 22:08:32 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 23:05:57 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 14 KB
3 KB 165ms
0ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3388073
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2295
cf-request-id: 09c75548ec00004ee675047000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-38aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h3hEgMQzX3TKWJTJ2WnKJQKCPfWLkBl%2FQl3Y2iiXyObLlzWwlmp1j9rRGg%2FEViDIGcC7Z%2FkUX4hNDr1SMxxoyfZEsfzr8E8jyX%2BGZAzFpIUMX3JLLKQDJ%2BecjfteYYcq5g%3D%3D"}],"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64858b2179ce4ee6-FRA
expires: Thu, 21 Apr 2022 02:22:40 GMT

GET
H2 200 ajax-loader.gif
d335luupugsy2.cloudfront.net/images/ 847 B
1 KB 484ms
251ms Image
image/gif 65.9.69.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/images/ajax-loader.gif
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 22:40:11 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2013 14:22:07 GMT
server: AmazonS3
age: 5715751
etag: "af962b37779a443a77ab836b3b7a93f5"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/gif
content-length: 847
x-amz-cf-id: 83zv9g9L_uKSUG2EHOW70IAB1mcCWeTx-zCItgSCe_-8kjwiXyh9kQ==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7F0 0
0 109ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMcUb_5OlH7dfBNPio1Zm3clCHYkGphDKEth76mTI-KrLsl2V9nzCy2DdiAvezaUOwwBKQEUZpd-RjqjiiP1mqV-1j1RNC9HLBp-rqeJVY4vPbpfBrlbT81rrZQCj97UVabgAI1vQR1AvBt_BvaLzZuUZwEchjeSTMHoJMtddT6jP6Qk5JA4yxf3gWD0bkM77Mzr1w46_wN3pE7H2pn66-pZmM3jBlPDbrMfP84iwHfGO9gsSquSGtr65AKIkodSVysTqyLvSyWng-dSelzQIuRjN6Zw&sai=AMfl-YRzKsDbSui6ooaKYW2joECgAeM6ubDZODMk5Lsi4G3hJFJhsxo5Zv-U6FCmpbKAF6WgkZnQmz3B52yJroFJW1-1qAmyEqnBqGZHIEBMjGIsjXbfbHFGlizwIhxsf6M&sig=Cg0ArKJSzO_duiBzb_IaEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 01 May 2021 02:22:41 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame E7F0 17 KB
7 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:32:23 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame E7F0 2 KB
1 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7F0 116 KB
35 KB 49ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:41 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E7F0 0
0 39ms
16ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZAxrJhwGUTt4VJQa17P4gQ3ZniEFOvOdeBl1sjDkaW3iFPa3KyQNFc7g6HepE0JEN-ZTF
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 9092482211001504448
tpc.googlesyndication.com/simgad/ Frame E7F0 48 KB
48 KB 56ms
33ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9092482211001504448

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee6cb4314895ff8d6155df2f707fe81c2d51ad736a24f96bd81b772590d060ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:11:27 GMT
x-content-type-options: nosniff
age: 101474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48882
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 18:28:33 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 22:11:27 GMT

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
428 B 124ms
36ms Script
application/javascript 2600:9000:20c8:cc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:cc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 20:23:34 GMT
via: 1.1 65c5c292982d6d8875d94812b2bfdf95.cloudfront.net (CloudFront)
age: 21548
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
x-amz-cf-id: 1KenYjch55qi2P-pMaGJdt_ebav0zzFsj1o6_a_I4XmdBIvJezBDKw==

GET
H2 200 modules.af7c72981a16dda10558.js Show response
script.hotjar.com/ 219 KB
58 KB 204ms
89ms Script
application/javascript 65.9.84.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.af7c72981a16dda10558.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-199973.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fcd58751f30f474057be525bb6f45f04bf0797dcc6397f00325900483496cd54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 12:04:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51513
x-cache: Hit from cloudfront
content-length: 59037
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 12:04:08 GMT
etag: "7d1294687fe49b9f27baea224afa95ce"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FMiJ5JlPTthHW-UmqckRG_aEZ_PotNBIyfkLurD2rfR7vOUrrG5jZA==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1619835761373&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%...
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1619835761373&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F...

64 B
330 B

114ms
110ms

Image
image/gif

13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1619835761373&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:41 GMT
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: YMq83BqYGbP5VLnifMjqU_Pljw3n4QssiNZ0MgOWw797t47GXK4s8Q==

Redirect headers

date: Sat, 01 May 2021 02:22:41 GMT
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1619835761373&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F
content-length: 285
x-amz-cf-id: 6O4BenI8gKiHSBoIKkG1vQMht1lJc53rmqfCX73Rvddyk2PTS3RlgA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
363 B 9ms
9ms Image
image/gif 2a03:2880:f13f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=PageView&dl=https%3A%2F%2Fwww.opovo.com.br%2F&rl=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&if=false&ts=1619835761450&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1619835761432.1966745332&it=1619835759861&coo=false&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 01 May 2021 02:22:41 GMT

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 2 KB
1 KB 130ms
129ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A6FA664E77D027BE&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1619835761474&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=TWHDNHFV&h=https%3A%2F%2Fwww.opovo.com.br%2F&t=1619835759708
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 5b12485ab2d80c50e837d3a09156c212875a15d25158cbc3e1d8ad0998ace10b

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:41 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
457 B 297ms
167ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3wvj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.opovo.com.br%2F

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 01 May 2021 02:22:41 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 11d9524f03da20700647edbedc290495492e75ca0a7999b76d6649782c3cc3b8
x-transaction: cffbd7fc1781da53
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 prebid4.17.0.js Show response
s0.2mdn.net/dfp/517466/4406976690/1606854627803/ Frame 7701 222 KB
72 KB 497ms
5ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e6a8af98d6fbff175f0a9521f1f9c92a045df3040dff49955b8a7ab6705806b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 07:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66612
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72927
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 20:30:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 01 May 2021 07:52:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7701 61 KB
21 KB 317ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "858 / 919 of 1000 / last-modified: 1619820605"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21191
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:41 GMT

GET
H2 200 tm38259.js Show response
tag.navdmp.com/ Frame 7701 13 KB
4 KB 75ms
18ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm38259.js
Requested by: Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11cf5c1245d3c47555619c67ceb9ae543a7e8c56346e007147e1671652abbedc

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3378
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 09c7554c0100004a91819db000000001
last-modified: Tue, 30 Apr 2019 20:21:02 GMT
server: cloudflare
etag: W/"5cc8ae2e-32bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 64858b266fb34a91-FRA
expires: Sat, 01 May 2021 02:26:23 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1215867968.1619835759&jid=126752590&_u=aChAAUACQAAAAC~&z=1310284940

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 85ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1215867968.1619835759&jid=126752590&_u=aChAAUACQAAAAC~&z=1310284940

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1215867968.1619835759&jid=1706597747&_u=aCjAAUADQAAAAC~&z=1012038747

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 84ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1215867968.1619835759&jid=1706597747&_u=aCjAAUADQAAAAC~&z=1012038747

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 0EC4 1 KB
1 KB 320ms
79ms Document
text/html 13.224.106.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-199973.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-12.mad50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: IxtAE4lcf_GxsEvvfV1sbiM3M_dHA_hHwkC9j1U6kTcMgQhiZmlbvw==
age: 2715130

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
446 B 118ms
38ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3827330936308599&vrg=2021042701&nw_id=10216148&nslots=26&eid=31060923%2C31060504%2C31060795%2C676982961%2C31060840&pub_url=https%3A%2F%2Fwww.opovo.com.br%2F&qid=CL3B_Le2p_ACFS_Auwgd-VwFCA&iu=%2F10216148%2Fbanner_bottom_desktop&e=0&ret=468x60&req=468x60&bm=0&efh=0&stk=1&ifi=26

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4FA 0
0 138ms
73ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNrLJDvG47uwJ5K-XHCiDH6wH_Hqma9otP4Ct_TrtSqTqVk1zx5T81_Lll8ibwt2dX3CikBfzfXNe8yTe4ExTJgqLmwAKKi4TBrVsUr_88todUOmkQB4LTJf9Y83KakzBttBS209Bw8K4Lo10Vp_J8xJZgUc9ythREoQJTC_dTVd6zUgRuytoEXyF3XIFjxyFznk6jG0XGe6Ui82Fjv3ps_1iqNUhn8ijkb4RrJdkCOOmVE8fVB-N8LMjWZCXG1D5S6JFmeiMJVDHwVYyyFbUEqagoVNYezo4e&sai=AMfl-YQprA81SkUCVHx9c5psHIbg8PwiQkdx0KAGWkujpyvCXGg4tGJr_qoU1pBEREtVh71jQzHzAeU9CeFhcXoVl5vcUxj4lojdk6cpMksBIQChxgmvVvpAhoMzl49GDks&sig=Cg0ArKJSzA8xpeaO68KpEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 01 May 2021 02:22:42 GMT

GET
DATA 200
OK truncated
/ Frame F4FA 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 687665094c49c3e82194d2a917df5fd2f4144a3ff5ebadeffafd1de1bd6d825f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEDB 0
0 168ms
167ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu730thAkR4s4wizdIDQLkz0UxiD1rhDpLfiL7On7j7TYe9YTJKfrNtPLQRlhsj7Ikf8zweOzexoYyVx7kzNW4xHvhqWxeTnT9GRhh3HZ0yNPngfI22HRnNobYQqG4gNtTxB5R_6icbiZLOM2KeWREgnZgYCv86LsbJ348IehVRxG2k-fpOKdJb-l5bSEfwduHADP-frr568QchuIk8PETHg21fd7rKRolJDmOaEkFgY60od9REKU3jv7M8kNI4i3zzSCBZQGCJESes3OTHZOgbY9dXJ7wBFK43&sai=AMfl-YQ6RJes420F9LveoNSK9GZNOLBbUkDmZszwPsHLsnivkBfws7gMv79lHHuDpiMKuL9cFGtT_mFI2XrLOlFQGNkXz-04eZn94yI17fFqUaok5U0ZTKxNF5R2ULnyXDo&sig=Cg0ArKJSzCroRyMSlvFIEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 01 May 2021 02:22:42 GMT

GET
DATA 200
OK truncated
/ Frame FEDB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46c215f52699ed6cac2276f46c5b27ba257a6651d432f0b0b299d6d73fb2d6b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A980 0
0 130ms
100ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsXOu9sNot-aD4kbbesvY9PhngRL405gnEetca5rXn1nEvfpUcWcHwp1AoF9Arq2GE7mMDPGTkHWmYdHqwhofNBbpjWOjTcwtwCgzHol3rJUiVx3CzuI9GObnJOKwvJ-k1NMTiG9Mcm-DIhwOtXkbC2o3UX7fiekXw9_B5zrxH_SVxiQAPg4jKz8DlmO4XWHPxZyZXtcnfiYtUZu82_zvI6ladfcDS3bWflDt8lRp1WxsFDM6gJ0yOeKMN1GxhCEb4_mBM4YZkoIWemQB3WIF6RUVAMHt9PsmG3K2ZaojO3EhW5WEgR3uVlQ&sai=AMfl-YQqt-d5no2rrBDr2nTPC6Z923DULKHHD-QQ45R9pbd3VGdKDDiXSsGFopsyF2oR3xsfo85a3lai0WvQCygljwVbPeg5o4o8GVKEP4i2TFN09CBkx4FOen9L6F76h_4&sig=Cg0ArKJSzIJVzeL8bYWKEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 01 May 2021 02:22:42 GMT

GET
DATA 200
OK truncated
/ Frame A980 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d08c859f30409cd456b3e543cb212bc47efce261e3a88181be9d876541fc76f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EC9 0
0 129ms
99ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFHncFtB1qTcLNd-ug8_kfuZDiCk6Q4lkWasszAehaJT9smy9_I7rzbwd0Fwu1-d4aF1ojkxdwhJrO67W7kzVkPReTmO-3Mr7HK4q4_8QGj9I3CA8E8xWyBRBg5d6HDYBnbGIqVoDOqgYuu4NGf0HoNFsohHwuVqZwIyr-vr4bJMcf6qTDUAwC-TVlDGsI_A_ElYu2iEsBGtyy4y-2lB6r3n4qP3wJr16F_eQK4B_2IiXoBJo7us9BQI_8CHNSwG7S1XAc895S3xhOSpV-A4MlUSwZKBMp&sai=AMfl-YSHWmJLymOr3wKVrdou95I__7ifPq-WyiOTw4iJK1WIQBj1xYhlRyOzs_DCCsgZUayHyL1xLtwII4yvgeeFKXZisqSNXt5OsjY5IjloaSSKEMSzUI-XqBERtr6OwT8&sig=Cg0ArKJSzMkA4soMo4dLEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 01 May 2021 02:22:42 GMT

GET
DATA 200
OK truncated
/ Frame 0EC9 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a4207edcbcbd498a5bc802056baa383b747804aa8c4809e4ebf5cd84fc5650

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7F0 0
0 127ms
98ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC3jbhGwmvANotHpz2TBj968gavxfO__1UX2UPtQm1Mzy9boMbT0Uw1CFnBol8YJ2JHNGdFV4VUl01F_52_fL5bXPnknzCy0_Akof7hlW_ci_FumYrJXl7eh62rgBrHhTBhuQLUOlkDk-k_o1HBWoXSpZn2tTZ2L3ghKaaJD_rwELa0N3V_vgeDkc1qSersPWRsPvfXNN8D70hpsIoczhwPwp0vJwxMo7QHGY8wthtSY0_yc2LCXfXxQPrFzIsLdQzcXa9X1AiLS_Cx6my5BUHOA76kN5-&sai=AMfl-YSh4ck2IJlOHfRVu9C6Qhe4zjUFXaHUtKPEfvf45AzshKddhdeaSUKTwExmL92L7-oMfk5pe7oBCdYPc7lYJPRm1E7-M4Xw7LV1iOTI6hxCFFKifyfwFnE7CsM-OeE&sig=Cg0ArKJSzKSxqnKxGdQREAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 01 May 2021 02:22:42 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 951E 624 B
978 B 192ms
0ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNW-e7EEMsEd9kS2EBOaRwQdfB48WGM3q_Snu7h0OkgRyFTHFoUtOTPO9XT7RJw_5t9_a-KrfFOZsBbFiYelmus2XQ_OQ2AXaaMMIsxDWGLt9ziZ_aADme5KaHCPOv9ere8JMkqSbhXws500DMte_cAPVMsylm12RIxHCY0vVtfISQMeZjnVwrlm3HRoi3FSm0Gr3SHMAYJBQmeGT3_JlJZ3DPdRnQ

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNW-e7EEMsEd9kS2EBOaRwQdfB48WGM3q_Snu7h0OkgRyFTHFoUtOTPO9XT7RJw_5t9_a-KrfFOZsBbFiYelmus2XQ_OQ2AXaaMMIsxDWGLt9ziZ_aADme5KaHCPOv9ere8JMkqSbhXws500DMte_cAPVMsylm12RIxHCY0vVtfISQMeZjnVwrlm3HRoi3FSm0Gr3SHMAYJBQmeGT3_JlJZ3DPdRnQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 02:22:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUkoZ9pB5_RYgvNwI4PTKDm5XOx8M2HpLgDH5MrNo2cuf-Oi270o61LdTRf-; expires=Thu, 26-May-2022 02:22:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 02:22:42 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F484 23 KB
12 KB 209ms
2ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAJ9Fj1QUNeqa6X36h7B7QcoZDthcWJlBn-U-Jv6ZgDM1ENprXP0ZsjeLhNA5RxXcPj44tWWgyQAInL23XvSCKPxR1utwetSd9JnQEuOk8FZ-6JGVg_DOzmbBxhJtPiNdc6pnRHPGHLzgmBI2gCfkvgz7S9A&cry=1&dbm_d=AKAmf-Abcs5hRoRNXNRCRpNlxABnWbQZ2AHJk64dzblkfgCaBAqL0d_vohcpJR4UwAw_oA1vWSlpBtGX_rj7rvj1UupkXkDvrkstr25MUJbK0cQoUFn044ZdIuON-CXDE679IQOzvJJvIbY_qbZVnO_kUOt6fy1SBVDkf28RzEXlaIw3X_RthJrgc4_1ATYKzb4as6tYgoxHqOnfL1Um5vxQcfuJoHpubiEjZhLHcq1PXJo33gYqI9hMusaVW1Uv1j40oIdCEP33fovNnmN7qlNnOUF16-4ChKw28-tBbDO7K0zDqZeAw-uqi63UfzknVnlTeJW5LmBmYGP7lyYf0Tf3776kfzBKianjL2wfIKRnc4zp4hMzOk23gUq9Jz6lKC1NUy4zK9Th4G2Pi4wgt-fx7nVPG2sUkG6bgT0TYrj5oRSGfma12WvWlzUVfTd7CfyZMFf9ydNBtFO1dCuEhCiY89bvla4qKVxTx49be0oNS2rafwyOnIGmiXXfh_awU1K9x0IZ9UdBCsTGB03ozPEhwmn39HVS_YJZjHXKohgTOl6eLBBL69PDyfjwx5GD33FVZWbo7kKuJ6OGxCfKvl_xEfQM6hkJVY_UfceFdj3zTzqrhYIgKwhY8wJYMWIuRwqwAsrlzZ77Vqu61jnfFEebcb_r-OVa4KV1Cks2C_4g_3GNaKjaYYcOZ7TccaoCLbqPK9fxeCX2HuHAvAaDlSB3X65zxZUEHL1rfvpRrnQW2F9_3XRWqMoos1Nqh5l45fImcISGjls0GOJ2ZE-3VanBxxW5d90uSMIAXQp84mmcVAtynEbY_S0AStKk123DzllQS2bAW97LQvamf76zthiws2z0nOUJ-U9IN-RsD2Nc5mx8ML24DgTNvyqrgFlNlPu4K2U8VZqr56XXUCO7CdjgJnvZbl8TFDJNFKfZ94-Q4ngMmGsxV4kwhOeZhZht9fJleC4wllSIsTz_a86IU6PburmHZp_KhUAUWjm-P6rpuw9Xeu7Z8xocWw4JCuAMsqGUOr2RHIDS_3ieNw7IckxEtIKIqc5F2vilYNINBqogoUJV_ZlojcePuW1uJSjrwjzzuQNjMWmFSohsVHnIy_f1_HpqWkIJC5uxpvqEV9Jb5RJAKQ26weePjRKeLVLMd4lHKA44wf0bsJNYAEcEPM0trZE_NqA0DGaOTMy195WuWg8ZuGAeJeSwuSzA9LUon-FvtO8FAjrQIy-aLs-ujwFjr_yJh6Ne4-jkIc2_qTyf7_TdP2xUtDYD-D9AhE0B3y7FJsY4rLCjlyCM0fv87qyv2qdXZ2yK3EM3Y-XEj4ryp0HNZKf6uYb-WHY3zJeuyFydsqDbLtSwNYKpuEL7sz_Z59i0Vqfj9q2qcvEeQZTVUMLuphFfGD2kymnjL8_Uj55CR57VOcJ8MJ6xuW2MjiFc8Jge1WTaMi22H6WP-TgmzQ02gzoHslhNCc6VIq3y1Jm_rJ48_4hBMxZrVBJfEQ2RzADvUxayZ-Y1v131RmWcKybTWdSeihyKiLFZ5HGcZJ7z88TzctJZ0NUT6zajDcJ5qrmfZIwGu2E1aex0OhmaMS6mFLBe1PcpwrNIUuIgFIgCYatHeuMwbI4EvEqr_PEKdTjfIOi9PEYutOfOoqYb6jtvJh3b7E91mPEcGAqOSTvapKlMDsWBoeiXr7vt1hqy9sC4CKs87rMkC64BXb_L9qAscnH5yiclOWL8y6bQjAppdDTmbJTeTA9FLJxov1kl-FUr99KUUloObHQslVIK-ku3UMZ5Fl_asmTy-YZ0lT2SzY7vueBTyE2OQcsgU_jiJKCZQym3gVIn-sU64dPyd08bYXQblY2SRzmz8w8h3t4532-amJ3i1_p3bxKSNvrW_76NYEwulRSpOGWjDuTh2u74Qr2lJwA4cgeBfkNI57yfbO3sb8VYxA1qrw6Qldk-Np10IB2F59QEm-gGicTrMXlhUaipwkJlZba-4Zu2EXOabQhx72AMZABoeDtkGZGvepVAQISf_i382LtME8gp4nANShpBySlldigvI5TN2hd_x0ErNskbUIzSoOFyIX6M0j3yvDQ6Ve8jSe5xgMTVKL2oJVVNw5KovRICyJH9vYE0pbdzTYOPNIP2j0RLlJSWvBlD5y1FHN9pcVn4U8HKqctA-D_ZTAE5gS9lFkF-L8kdc6vcmL5PaOcQfuFgOBOIBPdEdO36rA6l3DvrwnqAMzK_UJiGeL01kNrZMostlrdvmtmMdR1e0dHlT_fvPz7uBVcl2SS38yeBwXrbpI4IYk67xsplma6AVUS0RIbeUzJUG9DQLUkNPR_z-BFB-8hs-gfHvWNrFMwZZbEGdeA5S7oylT1SHW6EYauxXnA26NmWtmHM_YdtTnHeX3TrHVic3WAeVMJPYV9LluZwsr7VawpjKcrvZH9LQRngtAGVVHGYvWoCo1--W1Kd1v4kaRS4tp8qIRoG5-3uenSUiH_XCzrd7iAk2EZ-xZJM2Xyqb0PoUm6bjutU4o6GoeCyHl7d7HCraaGra8LmWToJinZCSSqpEHgkCAS-xYZG1fZ6VoxI2pANC1BkmFUicHkssB58UAzBBy019hKOf64xPx2FOvvB9demNmTF_sbGG_wxSjTDD8bxdFxRumMN8OPSkWZjJ_5QDPHyc2oEK8H4yQ9ibZTdZeYKvx46nBWlPlgOKYFFP_0ABLfZ6V31jtG8SsGVpZndnLvmQ2NEqdtkkgbnYq_f67GVzEgEd9ItweiH22zbe5hYI_mU7hazQuG1eJYREncG_YHyOiWAQ9FYXJ9IGm3jzzpu7D0jg27m1j-rxq4GiCZ6QvdoMmqKF_K8VBExN9DDaJyUvgQEt0K8RTDCAWaaDuxbsDKHO0bJXu8rqcAtIEvRPWEV4_mXKx7w7MTHKi7CqbVPqTq_lopI6mEIxS8KhT8yR8AXbCLv44_Yd1Z93jdUdyCBP5qmgYlPM5XYSz_k8DkaWvYzuOcSAInS3xt1mkFfno3Q1JojkhSLoUlCBQrmwvAPm2ph49WzzrN9g9UxV-11bRz1qq1UFDR8lmBuKrHz7_1v5luyp4zzzOFYdKsXO8SZe9VSw-cvzs2VKnfaivnmr_Zq42gHGrtIoE8HjZ6iIlts0zOyR7SUHtzImnAFbyiwrtIw5ZlW7Z49ywOnRaPGqsRStjbWaKBJUuTcYyHrs90DSzwIQQ-tQP7lQY8Mtahf&cid=CAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab4cfa8e3a6b5091dab6593c97370f5faf9cb7abdcce38f5ecb7519533092352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11482
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F484 42 B
63 B 99ms
78ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtkemASQgyVx0ghqR-Ic44HRKjyXTLlAldzwaHfezWKcjImpyn_2-4a_9hUTccJC2JVVBmrkgdUYVHnkbnththErZL_FURS7KA2-HjT0F2Xme6nNs

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame F484 2 KB
1 KB 236ms
159ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F484 116 KB
35 KB 77ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame F484 13 KB
5 KB 85ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:44:06 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F484 0
0 139ms
42ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmEsVQwJXgqdwJE0PUL0Aplygnw3970gVrZ4zeVOA18fXJ6p0FEJ9dbROMHPnI8hvv0LF7
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BED1 624 B
560 B 156ms
0ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNUlxYYpOGWFIpA6w2pSfSnOcBIJxBQsRwx5yTmhZA3kZ6t5v7llvjfJCwg6gWar0qd9Te1H_yX6LbaqkA-s1zVMzgY78G9m10rgBr5MdM5X7o7BXy5UPbQXng9LkhBmSr6MAWUErBvHUKmdKDRHoIb11wyLoskisYYlMcO_ArOY5q3Aa8lZW-I1Gwss1Tm0nMG4tpO2xZz2toGOCIjB58yQU1OMOw

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNUlxYYpOGWFIpA6w2pSfSnOcBIJxBQsRwx5yTmhZA3kZ6t5v7llvjfJCwg6gWar0qd9Te1H_yX6LbaqkA-s1zVMzgY78G9m10rgBr5MdM5X7o7BXy5UPbQXng9LkhBmSr6MAWUErBvHUKmdKDRHoIb11wyLoskisYYlMcO_ArOY5q3Aa8lZW-I1Gwss1Tm0nMG4tpO2xZz2toGOCIjB58yQU1OMOw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 02:22:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUl_QaaLLcEVxbHhW9ATqgXwFPSYK8jCkIZMVcECnGPRijyhBDChgPp1mu3_; expires=Thu, 26-May-2022 02:22:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 May 2021 02:22:42 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4DE8 23 KB
11 KB 189ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtZ9SaDhpqqBRqCFh0E4l2LWjtgCN5p7JRHTHYGSsXF3MzXQpJKjq-y24K4GUR-aoO3V_Sc0nVKotzudjakizZk-Znft0URauxn5wK4asm8EA4dUMIzBZFWrqpeBp1Ms83_4AK-0l56Fo_JWh0qHIuW1XIdA&cry=1&dbm_d=AKAmf-DwccYkhSNjNdlppQmLpir6vvAz1PPglgUBFb3qiwcupzgvuvM84s1lymVR3DMmn4memFbtCCgktRypyDKIuCLtWZwd8SNBA_XWjaj2SSkJbTYWdUamsMiy4Wcb9O0qGBCAcfqaeZgSayxeQUD5hL-r02LKDtxjxDn3REqpT-fCGJioDYzWSx2UmOFV21IeCnQYAbuIsbonstA0RuBUFbbYMU2RK98Sm2l0p0lzJQX2X2HTYsNCs9dC2n9lZStldwSAyFzv-lEd0KwRq8t5hQKXxzZmkk2OZZEMwNKPW8R9re8wIDUs_ICzOaC565PijQ4ujCH3kxkoUYCT9Tb1r5ixxeJIlUq_Aj9gL2sRSxH5ToO7g_iiNwet_Bt4u2lVHfV4g-ghgQlXGRDb-1FNX408LntfhddEMEprvnG46ld-hHLDjSXpERFzflTVi4H_i5s2bDzDrplMBhE-nopceiaS0I-A2mADLnLPR4He68WSlNE4HSwXI3qE16q_PohFyES-P3Ecs7n7yfZ6PwUx0mBiZ50wjbtx1POWOKxwnCDVm2Gog1tN1AqTADlTmHu24rCzttDbLsx_neeGvuPJthaZgCv-gId8nRNW9RnGng82pbyVD9FLDmkQV9QSm5t8wRuMHMYHx3YZmlS_KJO8BXlUIyDjV2LxyNJWDH8G1MnRsv0QGmleFzU8RA19a0XYqH4Ac2TRv3CaJ-AGiAAhpo1bW3Y2huGICsKZkrOWyYPS6SLuF-bK9ummlCT9QqZqF9zoePdJFDnKeNIRAra9Ow7eKm7zzETe22QrC3Iz76hnTzBWujvLSTXjqnIUAGzGPi5uerZB-9ttKaUuinHXIz9vAW_ZuIocuU1NFQU3WHzPThzV8L76f1wZKVI7ZaYXvYsVE3j-xa8KBr24Us-TAQSACmiD-_o1QbsESD7jZQU8lsGpcoWEm-5gFbQ2iLbnwG_HIYgxwpC33gekIhiVAy2FqGXDFlxU-pU2pih_vmKzJAL5QSHbZQMOKVd03f3SZCTpTLqRQ5U73iMjoH67423nAqs71nz2Bxq77hCFgC-LDlisnvkAxby92RMAkxc4my1s7nBe_m1jw8s2GLJ2KrTfUAX1nYoItDwPV3GK0DwbOzY-X5D8UkuAPBsbNWy0u-uNx6zj_4N92vPCDw5-FgfKD0D3mgL1ehIx5be_n5RHz5Q0F_10JjXU_oVTwI_JOtZ0UjkJ2B89Qm9-8WkfyI6LRSRxtFUTUfYzhFFAOTiOW5Nj42LBk762qseg_BYsfVg6epdejUBq-mYULsnfS-NkyijhWHctKbc_kDJPRNXKRcy7Fh_p0vsuLZjSa0UQ7f8WLNVIiCjSBJJ6ZBvNP3ik7iCd0pv7bjliqNCQt-Lz49dXrbFukjmhObyeW_0Ur-TNxTrIE2urnTvy89JQbU_Nm5-s1O-sndKP9TUs-1VpXuHv5u4REFbSGOmv4qGs94EcpLVmtA2OFeRza36i2nX-HSWZsQPCJt0Wpg9OFOtcUwj29C30Hj8T0PQbpFofGS5KxN6p_SxZ-vZ8cDOnQKGNGbrrZDSej_u7EqK24Kx-InT7CoeTB-OEi0h47Qucdz0U-25I4aS3Fd8m0olqfb-4YVzxmCOepFAo5v3veDJtqyCfrEYQ1XhUqQq2i-0UHCKqxpLGKdbcNrBliPb_A1X-6JcEkYRYftYMiV1l76gibxk7ImLn3JGaxofPdTchsPnZzJEymApl4lfS4m-1AfRiIrkdwD7UwJt5SMcOh2YafPzc3IGQg0kMVO_zPkdZW2SAQnTNy0ZTsdVf0iK7925RZoH_g90c7Xlk3H6kTxwu6B2HKpaku261jqyJFbSkt7NGl5HkTPBcInFlG-9COtADbUQCDVz2V6mOAyaTb7OV5KbqM4RbJC6hBjuxfzllWpfWbVeZjRpmAAT_AxK5SA4B-7v_tNWJut91_i5ypPSf8WlCL5ETJfffueZqptlXLyAvMQh5qLoeTwbvai1awp4Jg_VbX2jRA5hnC3ko5egFtSZKRsd0C-53tZMy5NgW3NlheBLhzpZ31JcE7IF4lPJaWBCTmv2upkErGyrvkAbk_iYWETN3HOWdf-X46sStiw4OpiW091KjyfXVgUdc9oQVoupMlNH620D7KF9JXJHzntP9RiFmOzg-HHCyRogspsH4vQdp13xAhByavn2LxC1X1dS8b9IcT-g8m8JsY5rHAQM8fVz9v2-6r1dCGSy56KWqCcKwRGsGEXasQrkFbzFJOewIJ7c4rK7t0xbhHWS8_Mxf3foWLM-fkDJlCujecKdJ0tvuWYd_YIrvLJ9ObsNCb7TQ1Eyth3oFVYKa8QXZW_AHPX5g_VYpMaIu24wKvuKy4mktPkMPgBHsDhMBCn-p77C8q3lgUrylb2J0jEw5SHk7yBpwKliDN4dBPuJxIWA4z02br-k3I5sMghGoR_-ljSDiTdZ9WqnS-iyUa8-JuX1K8QCgn8L09nsXNPPfMmeRJcPCRovj6PYxtWqK0D_Pu4HgtI5IcQLg4cImal_-WRijnz9TNoBLoHZeotjsVwUseuIOV24C32B3ZrpyO94gylOG7sTVH56gkgUt5UYWTRIpGHYqpMNBZElfW7Tg-N4E6nRGpq_C3yDxZKFh-Qq-8nYpTBs3p75_WQFkX0ZVs79urWI31SExH4HZpRk-lZNoBs7_xUo6JL6bLpqL1jiUOHXCXvRbxN7wuxz8UqvBLsIcEq8GQm68cvc4re5oAfD-ANyMVh8Vt38UhEEcZ3AfpSXLK2YTronoVJgEiSAyeEeC4gE4t-JMeyFJHKrEuf5h_-FSqV-iiCCDA0KKRnPiFs_UtrlydD-2fXAOq50Ymbford2qv3-eWs06LIcDSDtjbx5-mxty06bEFXF7PODg1dNvDssQEyLE4vpCeiZi2awRZjGYlNmqH4qcXE2Ro5Brv9uPY3jbQZ117twykQZRq-rmHw8p-cpsedOiSDtDst7RKAOd7uzGqR06F5EDYVZqOL9afPiV8OxksPN_0SDadX9hUlD-RjYk6s9EI-HlsuKxlRz32-P2xfzLnMw4s-MQhOoJgC7bSvNCbxmCbNZv_3OLe9W-MyrCyOYiEADBzQZa2ep-tH5peh_UC6kiBuaBjwhYYtQ8o_AXImPBVpnmu43Ce7q1LNZPPWykee_AEV367snbt2huk6EnuYUtwGVEfEig&cid=CAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw&rfl=2%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8b1c5a373fca26dcc0316bbe8800c84c7e91628930a9fa70ad4769612700e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11409
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4DE8 2 KB
1 KB 131ms
78ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DE8 116 KB
35 KB 97ms
44ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 4DE8 13 KB
5 KB 95ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:44:06 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4DE8 0
0 155ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIz-DPyv7T7G4TqcBYTE_oQjOJZgBXkOaT_byc9uVzey9MBopwoMSgjSpUCcqbULZYoJ1U
Requested by: Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DE8 42 B
63 B 190ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-ksJ3oosQ_sKE_dDlJ49G_67yYrCzXz3aLtBv8KEa1eMfFgusL1W-_s8Aht9I4HWHtCCzD7hISyj9HcOxy3NH9bjufzGCyjoTatL0ebo7hbVf7lM

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
287 B 12ms
10ms Image
image/gif 2a03:2880:f13f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=Microdata&dl=https%3A%2F%2Fwww.opovo.com.br%2F&rl=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&if=false&ts=1619835762574&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo%22%2C%22meta%3Adescription%22%3A%22Not%C3%ADcias%20de%20%C3%BAltima%20hora%2C%20an%C3%A1lises%20pol%C3%ADticas%2C%20neg%C3%B3cios%2C%20opini%C3%B5es%2C%20esportes%2C%20entretenimento%2C%20podcasts.%20Tudo%20isso%20%C3%A9%20O%20POVO.%20%20Somos%20multiplataforma%2C%20comunicando%20h%C3%A1%20mais%20de%2090%20anos%20a%20hist%C3%B3ria%20do%20Cear%C3%A1.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%22150%22%2C%22og%3Aimage%3Aheight%22%3A%22206%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fincludes%2Fassets%2Fonline%2Fgeral%2Fimgs%2Fopovo-online-img-og.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fhome%2Findex.html%22%2C%22og%3Asite_name%22%3A%22Home%22%2C%22article%3Atag%22%3A%22%22%2C%22article%3Apublished_time%22%3A%222021-04-30%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%22%2C%22article%3Aauthor%22%3A%22https%3A%2F%2Fwww.facebook.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fbusca%2F%3Fq%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1619835761432.1966745332&it=1619835759861&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 01 May 2021 02:22:42 GMT

GET
H2 200 index.html Show response
noticias.uol.com.br/eleicoes/2020/apuracao/service/ 1 KB
1 KB 76ms
13ms Script
text/javascript 2600:9000:2104:e200:5:2362:a880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://noticias.uol.com.br/eleicoes/2020/apuracao/service/index.html?loadComponent=projects/election-2020/election-2020-config&data={%22jsonp%22:true,%22config%22:%22ticker%22}

Requested by

Host: c.jsuol.com.br
URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:e200:5:2362:a880:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

marrakesh 1.20.0 /

Resource Hash

45a70c9799daf3ef74ecf4e75565d09ca038a83e37eced0ab40ed441248f40e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.intranet http://.uolinc.com https://.intranet https://.uolinc.com https://www.uol.com.br;

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:21 GMT
content-encoding: gzip
age: 21
x-cache: Hit from cloudfront
content-length: 571
last-modified: Sun, 20 Dec 2020 21:25:21 GMT
server: marrakesh 1.20.0
etag: "f840bcf63e0e529ed11e8b8dd262f924"
vary: Accept-Encoding,User-Agent
content-type: text/javascript; charset=utf-8
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=30, must-revalidate, proxy-revalidate
content-security-policy: frame-ancestors 'self' http://*.intranet http://*.uolinc.com https://*.intranet https://*.uolinc.com https://www.uol.com.br;
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: AANXHNrERM2gFEbBd_G79DMy0n_PwalJm2k4LJQ6a_Dr0LoCcGPwww==
expires: Sat, 01 May 2021 04:22:51 GMT

GET
H2 200 pixel;r=153470875;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.opovo.com.br%2F;ref=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F;uht=2;fpan=1;fpa=P0-308613042-1619835762658;pbcn=u;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
371 B 20ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=153470875;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.opovo.com.br%2F;ref=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F;uht=2;fpan=1;fpa=P0-308613042-1619835762658;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=opovo.com.br;je=0;sr=1600x1200x24;dst=1;et=1619835762658;tzo=-120;ogl=locale.pt_BR%2Ctitle.%2Cdescription.%2Ctype.article%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Awidth.150%2Cimage%3Aheight.206%2Cimage.https%3A%2F%2Fwww%252Eopovo%252Ecom%252Ebr%2Fincludes%2Fassets%2Fonline%2Fgeral%2Fimgs%2Fopovo-online-img-og%252Ep%2Curl.https%3A%2F%2Fwww%252Eopovo%252Ecom%252Ebr%2Fhome%2Findex%252Ehtml%2Csite_name.Home

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame F484 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAJ9Fj1QUNeqa6X36h7B7QcoZDthcWJlBn-U-Jv6ZgDM1ENprXP0ZsjeLhNA5RxXcPj44tWWgyQAInL23XvSCKPxR1utwetSd9JnQEuOk8FZ-6JGVg_DOzmbBxhJtPiNdc6pnRHPGHLzgmBI2gCfkvgz7S9A&cry=1&dbm_d=AKAmf-Abcs5hRoRNXNRCRpNlxABnWbQZ2AHJk64dzblkfgCaBAqL0d_vohcpJR4UwAw_oA1vWSlpBtGX_rj7rvj1UupkXkDvrkstr25MUJbK0cQoUFn044ZdIuON-CXDE679IQOzvJJvIbY_qbZVnO_kUOt6fy1SBVDkf28RzEXlaIw3X_RthJrgc4_1ATYKzb4as6tYgoxHqOnfL1Um5vxQcfuJoHpubiEjZhLHcq1PXJo33gYqI9hMusaVW1Uv1j40oIdCEP33fovNnmN7qlNnOUF16-4ChKw28-tBbDO7K0zDqZeAw-uqi63UfzknVnlTeJW5LmBmYGP7lyYf0Tf3776kfzBKianjL2wfIKRnc4zp4hMzOk23gUq9Jz6lKC1NUy4zK9Th4G2Pi4wgt-fx7nVPG2sUkG6bgT0TYrj5oRSGfma12WvWlzUVfTd7CfyZMFf9ydNBtFO1dCuEhCiY89bvla4qKVxTx49be0oNS2rafwyOnIGmiXXfh_awU1K9x0IZ9UdBCsTGB03ozPEhwmn39HVS_YJZjHXKohgTOl6eLBBL69PDyfjwx5GD33FVZWbo7kKuJ6OGxCfKvl_xEfQM6hkJVY_UfceFdj3zTzqrhYIgKwhY8wJYMWIuRwqwAsrlzZ77Vqu61jnfFEebcb_r-OVa4KV1Cks2C_4g_3GNaKjaYYcOZ7TccaoCLbqPK9fxeCX2HuHAvAaDlSB3X65zxZUEHL1rfvpRrnQW2F9_3XRWqMoos1Nqh5l45fImcISGjls0GOJ2ZE-3VanBxxW5d90uSMIAXQp84mmcVAtynEbY_S0AStKk123DzllQS2bAW97LQvamf76zthiws2z0nOUJ-U9IN-RsD2Nc5mx8ML24DgTNvyqrgFlNlPu4K2U8VZqr56XXUCO7CdjgJnvZbl8TFDJNFKfZ94-Q4ngMmGsxV4kwhOeZhZht9fJleC4wllSIsTz_a86IU6PburmHZp_KhUAUWjm-P6rpuw9Xeu7Z8xocWw4JCuAMsqGUOr2RHIDS_3ieNw7IckxEtIKIqc5F2vilYNINBqogoUJV_ZlojcePuW1uJSjrwjzzuQNjMWmFSohsVHnIy_f1_HpqWkIJC5uxpvqEV9Jb5RJAKQ26weePjRKeLVLMd4lHKA44wf0bsJNYAEcEPM0trZE_NqA0DGaOTMy195WuWg8ZuGAeJeSwuSzA9LUon-FvtO8FAjrQIy-aLs-ujwFjr_yJh6Ne4-jkIc2_qTyf7_TdP2xUtDYD-D9AhE0B3y7FJsY4rLCjlyCM0fv87qyv2qdXZ2yK3EM3Y-XEj4ryp0HNZKf6uYb-WHY3zJeuyFydsqDbLtSwNYKpuEL7sz_Z59i0Vqfj9q2qcvEeQZTVUMLuphFfGD2kymnjL8_Uj55CR57VOcJ8MJ6xuW2MjiFc8Jge1WTaMi22H6WP-TgmzQ02gzoHslhNCc6VIq3y1Jm_rJ48_4hBMxZrVBJfEQ2RzADvUxayZ-Y1v131RmWcKybTWdSeihyKiLFZ5HGcZJ7z88TzctJZ0NUT6zajDcJ5qrmfZIwGu2E1aex0OhmaMS6mFLBe1PcpwrNIUuIgFIgCYatHeuMwbI4EvEqr_PEKdTjfIOi9PEYutOfOoqYb6jtvJh3b7E91mPEcGAqOSTvapKlMDsWBoeiXr7vt1hqy9sC4CKs87rMkC64BXb_L9qAscnH5yiclOWL8y6bQjAppdDTmbJTeTA9FLJxov1kl-FUr99KUUloObHQslVIK-ku3UMZ5Fl_asmTy-YZ0lT2SzY7vueBTyE2OQcsgU_jiJKCZQym3gVIn-sU64dPyd08bYXQblY2SRzmz8w8h3t4532-amJ3i1_p3bxKSNvrW_76NYEwulRSpOGWjDuTh2u74Qr2lJwA4cgeBfkNI57yfbO3sb8VYxA1qrw6Qldk-Np10IB2F59QEm-gGicTrMXlhUaipwkJlZba-4Zu2EXOabQhx72AMZABoeDtkGZGvepVAQISf_i382LtME8gp4nANShpBySlldigvI5TN2hd_x0ErNskbUIzSoOFyIX6M0j3yvDQ6Ve8jSe5xgMTVKL2oJVVNw5KovRICyJH9vYE0pbdzTYOPNIP2j0RLlJSWvBlD5y1FHN9pcVn4U8HKqctA-D_ZTAE5gS9lFkF-L8kdc6vcmL5PaOcQfuFgOBOIBPdEdO36rA6l3DvrwnqAMzK_UJiGeL01kNrZMostlrdvmtmMdR1e0dHlT_fvPz7uBVcl2SS38yeBwXrbpI4IYk67xsplma6AVUS0RIbeUzJUG9DQLUkNPR_z-BFB-8hs-gfHvWNrFMwZZbEGdeA5S7oylT1SHW6EYauxXnA26NmWtmHM_YdtTnHeX3TrHVic3WAeVMJPYV9LluZwsr7VawpjKcrvZH9LQRngtAGVVHGYvWoCo1--W1Kd1v4kaRS4tp8qIRoG5-3uenSUiH_XCzrd7iAk2EZ-xZJM2Xyqb0PoUm6bjutU4o6GoeCyHl7d7HCraaGra8LmWToJinZCSSqpEHgkCAS-xYZG1fZ6VoxI2pANC1BkmFUicHkssB58UAzBBy019hKOf64xPx2FOvvB9demNmTF_sbGG_wxSjTDD8bxdFxRumMN8OPSkWZjJ_5QDPHyc2oEK8H4yQ9ibZTdZeYKvx46nBWlPlgOKYFFP_0ABLfZ6V31jtG8SsGVpZndnLvmQ2NEqdtkkgbnYq_f67GVzEgEd9ItweiH22zbe5hYI_mU7hazQuG1eJYREncG_YHyOiWAQ9FYXJ9IGm3jzzpu7D0jg27m1j-rxq4GiCZ6QvdoMmqKF_K8VBExN9DDaJyUvgQEt0K8RTDCAWaaDuxbsDKHO0bJXu8rqcAtIEvRPWEV4_mXKx7w7MTHKi7CqbVPqTq_lopI6mEIxS8KhT8yR8AXbCLv44_Yd1Z93jdUdyCBP5qmgYlPM5XYSz_k8DkaWvYzuOcSAInS3xt1mkFfno3Q1JojkhSLoUlCBQrmwvAPm2ph49WzzrN9g9UxV-11bRz1qq1UFDR8lmBuKrHz7_1v5luyp4zzzOFYdKsXO8SZe9VSw-cvzs2VKnfaivnmr_Zq42gHGrtIoE8HjZ6iIlts0zOyR7SUHtzImnAFbyiwrtIw5ZlW7Z49ywOnRaPGqsRStjbWaKBJUuTcYyHrs90DSzwIQQ-tQP7lQY8Mtahf&cid=CAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:05:57 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F484 41 KB
15 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42695
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 14:31:07 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 4DE8 22 KB
8 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtZ9SaDhpqqBRqCFh0E4l2LWjtgCN5p7JRHTHYGSsXF3MzXQpJKjq-y24K4GUR-aoO3V_Sc0nVKotzudjakizZk-Znft0URauxn5wK4asm8EA4dUMIzBZFWrqpeBp1Ms83_4AK-0l56Fo_JWh0qHIuW1XIdA&cry=1&dbm_d=AKAmf-DwccYkhSNjNdlppQmLpir6vvAz1PPglgUBFb3qiwcupzgvuvM84s1lymVR3DMmn4memFbtCCgktRypyDKIuCLtWZwd8SNBA_XWjaj2SSkJbTYWdUamsMiy4Wcb9O0qGBCAcfqaeZgSayxeQUD5hL-r02LKDtxjxDn3REqpT-fCGJioDYzWSx2UmOFV21IeCnQYAbuIsbonstA0RuBUFbbYMU2RK98Sm2l0p0lzJQX2X2HTYsNCs9dC2n9lZStldwSAyFzv-lEd0KwRq8t5hQKXxzZmkk2OZZEMwNKPW8R9re8wIDUs_ICzOaC565PijQ4ujCH3kxkoUYCT9Tb1r5ixxeJIlUq_Aj9gL2sRSxH5ToO7g_iiNwet_Bt4u2lVHfV4g-ghgQlXGRDb-1FNX408LntfhddEMEprvnG46ld-hHLDjSXpERFzflTVi4H_i5s2bDzDrplMBhE-nopceiaS0I-A2mADLnLPR4He68WSlNE4HSwXI3qE16q_PohFyES-P3Ecs7n7yfZ6PwUx0mBiZ50wjbtx1POWOKxwnCDVm2Gog1tN1AqTADlTmHu24rCzttDbLsx_neeGvuPJthaZgCv-gId8nRNW9RnGng82pbyVD9FLDmkQV9QSm5t8wRuMHMYHx3YZmlS_KJO8BXlUIyDjV2LxyNJWDH8G1MnRsv0QGmleFzU8RA19a0XYqH4Ac2TRv3CaJ-AGiAAhpo1bW3Y2huGICsKZkrOWyYPS6SLuF-bK9ummlCT9QqZqF9zoePdJFDnKeNIRAra9Ow7eKm7zzETe22QrC3Iz76hnTzBWujvLSTXjqnIUAGzGPi5uerZB-9ttKaUuinHXIz9vAW_ZuIocuU1NFQU3WHzPThzV8L76f1wZKVI7ZaYXvYsVE3j-xa8KBr24Us-TAQSACmiD-_o1QbsESD7jZQU8lsGpcoWEm-5gFbQ2iLbnwG_HIYgxwpC33gekIhiVAy2FqGXDFlxU-pU2pih_vmKzJAL5QSHbZQMOKVd03f3SZCTpTLqRQ5U73iMjoH67423nAqs71nz2Bxq77hCFgC-LDlisnvkAxby92RMAkxc4my1s7nBe_m1jw8s2GLJ2KrTfUAX1nYoItDwPV3GK0DwbOzY-X5D8UkuAPBsbNWy0u-uNx6zj_4N92vPCDw5-FgfKD0D3mgL1ehIx5be_n5RHz5Q0F_10JjXU_oVTwI_JOtZ0UjkJ2B89Qm9-8WkfyI6LRSRxtFUTUfYzhFFAOTiOW5Nj42LBk762qseg_BYsfVg6epdejUBq-mYULsnfS-NkyijhWHctKbc_kDJPRNXKRcy7Fh_p0vsuLZjSa0UQ7f8WLNVIiCjSBJJ6ZBvNP3ik7iCd0pv7bjliqNCQt-Lz49dXrbFukjmhObyeW_0Ur-TNxTrIE2urnTvy89JQbU_Nm5-s1O-sndKP9TUs-1VpXuHv5u4REFbSGOmv4qGs94EcpLVmtA2OFeRza36i2nX-HSWZsQPCJt0Wpg9OFOtcUwj29C30Hj8T0PQbpFofGS5KxN6p_SxZ-vZ8cDOnQKGNGbrrZDSej_u7EqK24Kx-InT7CoeTB-OEi0h47Qucdz0U-25I4aS3Fd8m0olqfb-4YVzxmCOepFAo5v3veDJtqyCfrEYQ1XhUqQq2i-0UHCKqxpLGKdbcNrBliPb_A1X-6JcEkYRYftYMiV1l76gibxk7ImLn3JGaxofPdTchsPnZzJEymApl4lfS4m-1AfRiIrkdwD7UwJt5SMcOh2YafPzc3IGQg0kMVO_zPkdZW2SAQnTNy0ZTsdVf0iK7925RZoH_g90c7Xlk3H6kTxwu6B2HKpaku261jqyJFbSkt7NGl5HkTPBcInFlG-9COtADbUQCDVz2V6mOAyaTb7OV5KbqM4RbJC6hBjuxfzllWpfWbVeZjRpmAAT_AxK5SA4B-7v_tNWJut91_i5ypPSf8WlCL5ETJfffueZqptlXLyAvMQh5qLoeTwbvai1awp4Jg_VbX2jRA5hnC3ko5egFtSZKRsd0C-53tZMy5NgW3NlheBLhzpZ31JcE7IF4lPJaWBCTmv2upkErGyrvkAbk_iYWETN3HOWdf-X46sStiw4OpiW091KjyfXVgUdc9oQVoupMlNH620D7KF9JXJHzntP9RiFmOzg-HHCyRogspsH4vQdp13xAhByavn2LxC1X1dS8b9IcT-g8m8JsY5rHAQM8fVz9v2-6r1dCGSy56KWqCcKwRGsGEXasQrkFbzFJOewIJ7c4rK7t0xbhHWS8_Mxf3foWLM-fkDJlCujecKdJ0tvuWYd_YIrvLJ9ObsNCb7TQ1Eyth3oFVYKa8QXZW_AHPX5g_VYpMaIu24wKvuKy4mktPkMPgBHsDhMBCn-p77C8q3lgUrylb2J0jEw5SHk7yBpwKliDN4dBPuJxIWA4z02br-k3I5sMghGoR_-ljSDiTdZ9WqnS-iyUa8-JuX1K8QCgn8L09nsXNPPfMmeRJcPCRovj6PYxtWqK0D_Pu4HgtI5IcQLg4cImal_-WRijnz9TNoBLoHZeotjsVwUseuIOV24C32B3ZrpyO94gylOG7sTVH56gkgUt5UYWTRIpGHYqpMNBZElfW7Tg-N4E6nRGpq_C3yDxZKFh-Qq-8nYpTBs3p75_WQFkX0ZVs79urWI31SExH4HZpRk-lZNoBs7_xUo6JL6bLpqL1jiUOHXCXvRbxN7wuxz8UqvBLsIcEq8GQm68cvc4re5oAfD-ANyMVh8Vt38UhEEcZ3AfpSXLK2YTronoVJgEiSAyeEeC4gE4t-JMeyFJHKrEuf5h_-FSqV-iiCCDA0KKRnPiFs_UtrlydD-2fXAOq50Ymbford2qv3-eWs06LIcDSDtjbx5-mxty06bEFXF7PODg1dNvDssQEyLE4vpCeiZi2awRZjGYlNmqH4qcXE2Ro5Brv9uPY3jbQZ117twykQZRq-rmHw8p-cpsedOiSDtDst7RKAOd7uzGqR06F5EDYVZqOL9afPiV8OxksPN_0SDadX9hUlD-RjYk6s9EI-HlsuKxlRz32-P2xfzLnMw4s-MQhOoJgC7bSvNCbxmCbNZv_3OLe9W-MyrCyOYiEADBzQZa2ep-tH5peh_UC6kiBuaBjwhYYtQ8o_AXImPBVpnmu43Ce7q1LNZPPWykee_AEV367snbt2huk6EnuYUtwGVEfEig&cid=CAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw&rfl=2%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:05:57 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4DE8 41 KB
15 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42695
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 14:31:07 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DDA6 624 B
297 B 23ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVd1VysexoQNR5pzKnXxqmliuTh0-ydqIVBPjK6Z5vNJ53krnSHNFzgZjPVSeTpAsyATnE33SRkWYsRPihaY8-twaL4nfF_vVAfGOaMLRtKH9Hj6OM_1A-v5abjSTeCmWWqAxOkoT7mOJiZOtdvxitEAnvzRdrlsMROzV1xUIr8I9BgKr7xw0iO1aQ7GeRaruXk-ATSPnphrJPHfbF0TmDiCN0W7g

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVd1VysexoQNR5pzKnXxqmliuTh0-ydqIVBPjK6Z5vNJ53krnSHNFzgZjPVSeTpAsyATnE33SRkWYsRPihaY8-twaL4nfF_vVAfGOaMLRtKH9Hj6OM_1A-v5abjSTeCmWWqAxOkoT7mOJiZOtdvxitEAnvzRdrlsMROzV1xUIr8I9BgKr7xw0iO1aQ7GeRaruXk-ATSPnphrJPHfbF0TmDiCN0W7g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlIVEGDy_Hn6NvFrLM2BfCzR_eVePB54JpNnnhg5GNhg7awrFeA5I1tqDSuVkM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 01 May 2021 02:22:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 008F 23 KB
11 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAhKldwc5QgcGKKWcjPdPtTSgMuqz6HLiKSEclbUdagIM4HcF2DlPqocLjTCev0y25wDz-70_IQtESHcOmSsq5rIek9l-P80evo4jp31QH_TzYmCzK3K59a5Nso8dAIHVHWJSGAQMFqCyzSKQ-tpBEaYtNSA&cry=1&dbm_d=AKAmf-DxhGd1Zj0eBQ2tzUAVNwdRLGtG5pJxjxzUL1lLHOOTFDismFCN76Bc6ZZaN6LqfluROdjMbI_37j-sIrLjhUbJWj_zcJjKY5L0xmBOSMt4QPxozk-WHm3HOkS_7v5TOp1F4HTxK4zQD0k98wuYn9028s3vLUiGhMccBvPEiiotvZ_BXIkNA-LsVmh7wTIIIH-79CIfVrLDeIHnk5nJf16vZvdylOekG37ET9QQd3FDldtiUIWo1AJD9ukbt7qqZ9A7FBXyFdrM2E8fmbFb2jEHakds8MB7xIEtfSsATPnAInPeBt8c4PC8SLhIFvVKXcw-wh4TojnX1YNP0J6cjR_hq4kF62Gh3nOUM89r98CGUY-2_wqzoGpqmY3hzUEKLJT3zPb3egaao_kVTkVlUyv_YfhxkMbyBkQlYKVsyvsnqYCG8neRZtmeTPBsqB0lWT44gNkwJIK5idwhQpgc1W2UkoHz06fyXckmBkUPbsRWgYmMJUhCQe4gbFaZsMbo23YwBgEXf_2cBn8Sv0u1lKJjPLdqH01mUdQ1aAWnI3-r31o8GXsdGfb2OrwGQXmP2Jphnl8ViA3iKoTl2qLLWibNWzTdx-hw8cJqBo06YvVnSg33us_9NTJBzrJOHRVHlRv4W4XxzYiTLYsho_8FKcuijNOgLKEwTZ_3knezQOok_GA_Z9ZlAziX-1Dx4bN-T0lESiBl5O7oS0beK5yEZO56nvAYrgj9Fyh9POynuvqSYLxd6N1tK0iE1wQJ9tzA03sR4vSRfns7b8AkFlFAU_nAFhv01W9JVwgCFKgh2LbH78xie5enngqvMIfsTE7uPzEmWYnyfMfcIGCYQgxjgI5S4EPOsHVra724NG2YdLpJNmqlAZCk8fVdHTy9b0bOWqfuwGIlx2ZHSSX4cN8k8-V_Ak6umAPyo9-DbMCWPHiUXFj2rFr1w0TmVv1bxDfYtOsm6yXNTkhdoQBrMf5NrXx73mcDE7Iu8JDLFZvBE70yQOFGYfsDMNjcwzmbxKgqHouidWFYUjtAyGUzUKTIGh_wOH5ul48ag35jv4he866N_uBdyTHsVRki1wDmIFqRFfA83TJwHmhDVKr9jxLg8q8D3gG_PfOFbn0DnvkE8Ky0VP0adtmt82SM8cV8S_Y7tj-50J1xSeZ5vZgjHknjh1IbR9wgX5TcmjdDwo47i0uyhgV_WiJTs66E2dVdaHARNurvEFVM9MsAhTg5BvVP-c5iiScE13YzZcniqEu0aziSp6XN-Yh9jfGqapHE6ZCuXUBvQN-64SH1FAzBwmrViGIVcQrOp-VrRZ_y9xt1eCVYbBVddh_CcJ4hNIJtokYZmvDXOhks5hzPzJkoQNEEpXjFdUeUZcFWuW61B4iUF-D9WFz8zM1eBKjKSMVAI6NtUwaxF6vOpEJoBZ8uggMADmF9fO3NT3A6YpNpo9JN6me4Q8BhtIkSv9AKpi6fiUbvEMG69GQ74wGdFWLNzFCWFX_4Wy2PnnzTkjYqon6hGe6CkN8PeZoTcnAxxxnL46KH2yAU0GzIJoWRW_vqdXA0GPlX6uplCnaNSip0vmaCtBhbbof4j3HPpcznWgKkKQ3_XWQd4ghMGigGcxIU68m_ylcl7J0StMqPzjcyXI5HeBQK4aJWCJ83XlcfdSTOlaqVWTfTk5v8JrhjCPD-T8CRA0_yFlOE-BiwBvGAEPae0rJiMuUvKp0IE95LRrI4wkqa5q2gGJ-NxSFmwUhfm1r7A_szl-g3lHOFD0LP2AbNhSvvboRO8l5UkSplNBecP4bGxTTbDBaR7vBnOwhytCHxMoVHLLvzow7pxRF2Ov-QaApF1IDs1U1QCbiEo6JVxuTb4Y0izYiOYtFD6Q5P33mGVhWaejHa60RQ6LHQe4qI7mVdNNQ7In4O-4FEgiCyVxg56evftKWrxdkSsdr0sg_zeSwGsrYB-Z8WMAjjJz4n7Pvxtc81i_KZ6ZzoWCt0MrL4ZPrwuzfItfzQMGMoS17LuDGgjxljA_7gFuce2Q4wOJEzEvkSyZidUI0bUxxCnHKLCSJtBdCv-v9VW9OkvlOnvFbpjvJmAN6x-aQyTNIDtkMHMy6bZwDHW2NoPEI3DxhBax2XN3jaYDFZVU8wh9KsSX7nQ81l6fpRMIhzJ2ByrG7zo_ZdIC65NxVzxKRUS_gzFgc-wM8x31OgW3tVvL9TWid2aozPip4qyt6wL1ivr0xiPy0Tsjt5MUy3QlMs7B_lELOKCwgi1X73-jWgxcGlKESorFuDqWs-56A8my41uGK_B2H98anZey4_C82xRJSGdaD2PI2s4p7ZB1G9I5DPfTiG6yTqWs7dviyg3z29HvIruCgdkZgT5KRriunWGIlQIqxoWIZt347OIFYJaNiTQ7iNDa2ZhR6kDY_yND2xcECXQvYz36Qq_3OsaTaYcUCJyef25YbtM4JdTxQFxsqAW44NGaaR-AZ77opKd4HqnThn6ky2yOoCwdKuAS7AbfXx3OzjDD2TRE00VdtM-75kRjcsOAiMRKwXEy9duksjh_Ng-9u7HrMBAz70IqP4ViqIoDbnoo0WzX3VRxXS9X5d2pZ68BTpxupLPM59B2gCO2rcLAXZl1jxMm_FZe7QFarTx62oEXIVj_JRFpQhK07GhUDvEnA_qm1PN_j8UUeaK-NWkFPDzStD7HghZvNCvmTiamARJqZ8q4Lb1n_AvPxKmIqSI5iDmbSLbvemF99UX9nHG2KHLXNloyFHUfNkts8neMG9mL2bZbZIYhPM3sUAfMyi7xWmdI5SD_R2pld0KUfx6QM-bf5fwOa9hiq2uyeuVMRusR30ecCyOd7B9G9_vSy1xkTCkB_Jk3MY0_D2pePaOknXDUFkRbgGCFjqwrf6BRPDNvkaKubFLDr0I59F7ywkmwjSb9kf9laUNSExZTX0o1ueiobup4hCCZRz4s6MsLpT9uc9sn5dgg693p6pN7WL4_E4e4onE8q5j5awopkwYOvHtyfB4TrzoJ7qkaOMAM-8_q5MmIyVFNJbK_2PiZPX1AbR4HYn3qQGSZVQF6oKLJPgmvhyHgSGqNwLC1012M9uBMvg7Cr45fiqkXmSH8yJuatzBa9kNfeQKrlahTQIVJM03OmcDgRPXFsmUcQe76KBsQhM-Uq9LzuDffhTcZ83DW98dtPgndjSIaxisgp65uY40qoyLgSJl8MUpUP8rjz879oj&cid=CAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8969f0b1ac45e954bb9a37399960566ffb09e578561cbbef980c07a11a84bb90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 008F 42 B
63 B 66ms
52ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCuhSBI-OefNbMdFKnzIZ_-NtrZlSjHeIwXfObOdk-mfHN19bGqvBgz61nxCTz1SKMr1NER1zbrtaU3vJ-9ssioKx7nyF2GA6JiQTm8WIrr0z0kic

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 008F 2 KB
1 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:22:08 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 008F 116 KB
35 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 008F 13 KB
5 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 01:44:06 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 008F 0
0 27ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5hfWxWdfOkip9F9wgxKKunb4EAkxHkuZ5zFRW5CtU-68FtpJ2uEjmiqcvT91UsTFpEj6m
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7701 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b41b48a3d15971ea519172e34c9119773e1ae2cd958aedd72ae3562a3a2c62d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 7701 1 KB
2 KB 97ms
82ms Script
application/javascript 13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 01:58:57 GMT
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1427
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 5rDleuBBlFSBG7lnyAXDGx1IWExwJH5WG4MW7L_8nvL2vGNHuxfjrg==

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 7701 0
178 B 548ms
124ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.opovo.com.br
date: Sat, 01 May 2021 02:22:43 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 501 ADTECH;v=2;cmd=bid;cors=yes;alias=9a5c75e82f45d7;misc=1619835763060; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5252473/0/0/ Frame 7701 0
193 B 400ms
368ms XHR
text/plain 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5252473/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=9a5c75e82f45d7;misc=1619835763060;
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7701 0
146 B 189ms
62ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=56737425357
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.opovo.com.br
date: Sat, 01 May 2021 02:22:42 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7701 144 B
1 KB 199ms
84ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6a9acbcad0c40a7aee5418d4a5db41f265247746e7ac82d60591375b27f81aaf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
X-Proxy-Origin: 45.12.220.52; 45.12.220.52; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid: 0c99b9ea-a8b8-4e9b-83f8-fe7c18e15517
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.opovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 154ms
147ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A6FA664E77D027BE&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1619835761474&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:43 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A6FA664E77D027BE&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1619835761474&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80720
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 03:57:23 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 236ms
235ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A6FA664E77D027BE&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1619835761474&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 236ms
236ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A6FA664E77D027BE&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1619835761474&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:43 GMT
content-encoding: gzip
last-modified: Wed, 06 Mar 2019 17:07:49 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 23796

GET
H3-29 200 pubads_impl_2021042701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7701 301 KB
106 KB 93ms
91ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108684
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:43 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4FA 42 B
64 B 161ms
88ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssL6NS9ab1WQwir73u8Il2InnToU9I5FVrFCPt_lpF6ecmWjhoejBB7ACjHkGHEv6kAen0KrmwJYm6u2XI97DoD349VI33VqHwmWM9X1Ao&sig=Cg0ArKJSzMCDkRIlFD4aEAE&id=lidar2&mcvt=1210&p=1103,720,1163,1020&mtos=1210,1210,1210,1210,1210&tos=1210,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2321965323&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619835760661&dlt=0&rpt=2183&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 951E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1

43 B
1012 B

194ms
66ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNW-e7EEMsEd9kS2EBOaRwQdfB48WGM3q_Snu7h0OkgRyFTHFoUtOTPO9XT7RJw_5t9_a-KrfFOZsBbFiYelmus2XQ_OQ2AXaaMMIsxDWGLt9ziZ_aADme5KaHCPOv9ere8JMkqSbhXws500DMte_cAPVMsylm12RIxHCY0vVtfISQMeZjnVwrlm3HRoi3FSm0Gr3SHMAYJBQmeGT3_JlJZ3DPdRnQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 May 2021 02:22:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 951E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIy7c.znvwRe6QTa9-WOKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2

43 B
1012 B

66ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNW-e7EEMsEd9kS2EBOaRwQdfB48WGM3q_Snu7h0OkgRyFTHFoUtOTPO9XT7RJw_5t9_a-KrfFOZsBbFiYelmus2XQ_OQ2AXaaMMIsxDWGLt9ziZ_aADme5KaHCPOv9ere8JMkqSbhXws500DMte_cAPVMsylm12RIxHCY0vVtfISQMeZjnVwrlm3HRoi3FSm0Gr3SHMAYJBQmeGT3_JlJZ3DPdRnQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 May 2021 02:22:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 951E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

43 B
1021 B

60ms
60ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNW-e7EEMsEd9kS2EBOaRwQdfB48WGM3q_Snu7h0OkgRyFTHFoUtOTPO9XT7RJw_5t9_a-KrfFOZsBbFiYelmus2XQ_OQ2AXaaMMIsxDWGLt9ziZ_aADme5KaHCPOv9ere8JMkqSbhXws500DMte_cAPVMsylm12RIxHCY0vVtfISQMeZjnVwrlm3HRoi3FSm0Gr3SHMAYJBQmeGT3_JlJZ3DPdRnQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
X-Proxy-Origin: 45.12.220.52; 45.12.220.52; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.132:80
AN-X-Request-Uuid: 7e8916db-036a-4f46-8961-626862ab9dee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 951E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

170 B
188 B

67ms
66ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
X-Proxy-Origin: 45.12.220.52; 45.12.220.52; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid: 57ce5b32-e786-47da-84bf-2a222a95fa81
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BED1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1

43 B
1012 B

123ms
90ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNUlxYYpOGWFIpA6w2pSfSnOcBIJxBQsRwx5yTmhZA3kZ6t5v7llvjfJCwg6gWar0qd9Te1H_yX6LbaqkA-s1zVMzgY78G9m10rgBr5MdM5X7o7BXy5UPbQXng9LkhBmSr6MAWUErBvHUKmdKDRHoIb11wyLoskisYYlMcO_ArOY5q3Aa8lZW-I1Gwss1Tm0nMG4tpO2xZz2toGOCIjB58yQU1OMOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 May 2021 02:22:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BED1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIy7c.znvwRe6QTa9-WOKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2

43 B
1012 B

69ms
68ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNUlxYYpOGWFIpA6w2pSfSnOcBIJxBQsRwx5yTmhZA3kZ6t5v7llvjfJCwg6gWar0qd9Te1H_yX6LbaqkA-s1zVMzgY78G9m10rgBr5MdM5X7o7BXy5UPbQXng9LkhBmSr6MAWUErBvHUKmdKDRHoIb11wyLoskisYYlMcO_ArOY5q3Aa8lZW-I1Gwss1Tm0nMG4tpO2xZz2toGOCIjB58yQU1OMOw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 May 2021 02:22:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BED1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

43 B
1020 B

145ms
52ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY78rPkAEwAQ&v=APEucNUlxYYpOGWFIpA6w2pSfSnOcBIJxBQsRwx5yTmhZA3kZ6t5v7llvjfJCwg6gWar0qd9Te1H_yX6LbaqkA-s1zVMzgY78G9m10rgBr5MdM5X7o7BXy5UPbQXng9LkhBmSr6MAWUErBvHUKmdKDRHoIb11wyLoskisYYlMcO_ArOY5q3Aa8lZW-I1Gwss1Tm0nMG4tpO2xZz2toGOCIjB58yQU1OMOw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
X-Proxy-Origin: 45.12.220.52; 45.12.220.52; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.39:80
AN-X-Request-Uuid: 3ed929e9-5248-47a3-9f1f-847bf305b2ab
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BED1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

170 B
188 B

69ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
X-Proxy-Origin: 45.12.220.52; 45.12.220.52; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.240:80
AN-X-Request-Uuid: c14fe669-49e0-4ae2-bd1e-95dc250403a4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0k1uvb5ne9s9 Show response
hal9000.redintelligence.net/zone/ Frame 4DE8 11 KB
4 KB 292ms
66ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/0k1uvb5ne9s9?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPM0LbruMYOCTMq-A7_UP-bmVQIGI4dRg-MSb09IM8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9CMpnUzGR9GmswRuaJYabdC3n7EGDJKgwMKVqKTy_kpi6BdDfScPY4d_c8I-DAZo81UwSEsNJoXPXDnsd9CzIBKMGb_Goft3qf0NhLzuxMQDAwxztKQ8j7O8JU7CCAXoNhEwERPGgusSVScErxrn-te6jfjFxA2u0E-1QFvWJo0DaP7fUhoQMPYPwaP3Z2zBjgOLI95QgjEggfHgE1Gyx60in8rj8Bf461wxj-IVgDT5sirWpBlU8BcpVYEtUzYKldxWo8zvwohsGA8BECCfpTABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw%26sig%3DAOD64_2c-PTTzZoGvHPM9xowku7WXZb_Fw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-ARuZUvyClPgaIHW_kYzBbkwH8IQwULTuURidGIOE41CpP7EmruUCjdeB-DxtsTduhdwW0h1keNmdpOpyNgDjTs5HbOG4yNOQV75k71dIY986G0MfgLJ5Y9Qy-qeBafiOkEGiiNdvWXHXdFs0qvrd88-e8PQQ%26cry%3D1%26dbm_d%3DAKAmf-CwuQ9Old1YNrJbAavPduYRKeigqeCcpbwtSmbLw-gwZH2YLv1wqyQzPJT1tVKbWzSJZCxuql2SAAI5N7LHWWdPxFAQ37BaZrTzsPgt_K6z021gAZd4_jVAYtiz5pCdyhMEoEfONCFyAKgIs-VcLGYt-TPB94Jt7clHL-kA54QcJxfSvpQkslT6D6yXjXue3K0yiAVi09XeCy3jElsT3nzF-sWyEKz8kWGczNGU-4AIGZl_qDCykm1kDfc1Mzn-nqfUk7fKg4-MU4BYvk5YmSIVcqDELqa8HzWpDqYJ05ssVv-r2OKc8nvH9k5SboHq9M6uUvHs4a0aYlvRReL40yxS6njzv4V4PtXVKSllqzPhiOIQVnFbli3wdG2z6aH0D1ELlTOMgfkRX2kdXD0GnLjMOlbqXWyiCNNVnwF5iV8nqvaqK42tBoTtW-eoaGm3koNKJ7Co%26adurl%3D
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 48e8ee1961d403f2eed8b493c75fc816d4a85630a3b3d2bc13b4b7d6a1a3da5c

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3890
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 008F 22 KB
8 KB 151ms
42ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAhKldwc5QgcGKKWcjPdPtTSgMuqz6HLiKSEclbUdagIM4HcF2DlPqocLjTCev0y25wDz-70_IQtESHcOmSsq5rIek9l-P80evo4jp31QH_TzYmCzK3K59a5Nso8dAIHVHWJSGAQMFqCyzSKQ-tpBEaYtNSA&cry=1&dbm_d=AKAmf-DxhGd1Zj0eBQ2tzUAVNwdRLGtG5pJxjxzUL1lLHOOTFDismFCN76Bc6ZZaN6LqfluROdjMbI_37j-sIrLjhUbJWj_zcJjKY5L0xmBOSMt4QPxozk-WHm3HOkS_7v5TOp1F4HTxK4zQD0k98wuYn9028s3vLUiGhMccBvPEiiotvZ_BXIkNA-LsVmh7wTIIIH-79CIfVrLDeIHnk5nJf16vZvdylOekG37ET9QQd3FDldtiUIWo1AJD9ukbt7qqZ9A7FBXyFdrM2E8fmbFb2jEHakds8MB7xIEtfSsATPnAInPeBt8c4PC8SLhIFvVKXcw-wh4TojnX1YNP0J6cjR_hq4kF62Gh3nOUM89r98CGUY-2_wqzoGpqmY3hzUEKLJT3zPb3egaao_kVTkVlUyv_YfhxkMbyBkQlYKVsyvsnqYCG8neRZtmeTPBsqB0lWT44gNkwJIK5idwhQpgc1W2UkoHz06fyXckmBkUPbsRWgYmMJUhCQe4gbFaZsMbo23YwBgEXf_2cBn8Sv0u1lKJjPLdqH01mUdQ1aAWnI3-r31o8GXsdGfb2OrwGQXmP2Jphnl8ViA3iKoTl2qLLWibNWzTdx-hw8cJqBo06YvVnSg33us_9NTJBzrJOHRVHlRv4W4XxzYiTLYsho_8FKcuijNOgLKEwTZ_3knezQOok_GA_Z9ZlAziX-1Dx4bN-T0lESiBl5O7oS0beK5yEZO56nvAYrgj9Fyh9POynuvqSYLxd6N1tK0iE1wQJ9tzA03sR4vSRfns7b8AkFlFAU_nAFhv01W9JVwgCFKgh2LbH78xie5enngqvMIfsTE7uPzEmWYnyfMfcIGCYQgxjgI5S4EPOsHVra724NG2YdLpJNmqlAZCk8fVdHTy9b0bOWqfuwGIlx2ZHSSX4cN8k8-V_Ak6umAPyo9-DbMCWPHiUXFj2rFr1w0TmVv1bxDfYtOsm6yXNTkhdoQBrMf5NrXx73mcDE7Iu8JDLFZvBE70yQOFGYfsDMNjcwzmbxKgqHouidWFYUjtAyGUzUKTIGh_wOH5ul48ag35jv4he866N_uBdyTHsVRki1wDmIFqRFfA83TJwHmhDVKr9jxLg8q8D3gG_PfOFbn0DnvkE8Ky0VP0adtmt82SM8cV8S_Y7tj-50J1xSeZ5vZgjHknjh1IbR9wgX5TcmjdDwo47i0uyhgV_WiJTs66E2dVdaHARNurvEFVM9MsAhTg5BvVP-c5iiScE13YzZcniqEu0aziSp6XN-Yh9jfGqapHE6ZCuXUBvQN-64SH1FAzBwmrViGIVcQrOp-VrRZ_y9xt1eCVYbBVddh_CcJ4hNIJtokYZmvDXOhks5hzPzJkoQNEEpXjFdUeUZcFWuW61B4iUF-D9WFz8zM1eBKjKSMVAI6NtUwaxF6vOpEJoBZ8uggMADmF9fO3NT3A6YpNpo9JN6me4Q8BhtIkSv9AKpi6fiUbvEMG69GQ74wGdFWLNzFCWFX_4Wy2PnnzTkjYqon6hGe6CkN8PeZoTcnAxxxnL46KH2yAU0GzIJoWRW_vqdXA0GPlX6uplCnaNSip0vmaCtBhbbof4j3HPpcznWgKkKQ3_XWQd4ghMGigGcxIU68m_ylcl7J0StMqPzjcyXI5HeBQK4aJWCJ83XlcfdSTOlaqVWTfTk5v8JrhjCPD-T8CRA0_yFlOE-BiwBvGAEPae0rJiMuUvKp0IE95LRrI4wkqa5q2gGJ-NxSFmwUhfm1r7A_szl-g3lHOFD0LP2AbNhSvvboRO8l5UkSplNBecP4bGxTTbDBaR7vBnOwhytCHxMoVHLLvzow7pxRF2Ov-QaApF1IDs1U1QCbiEo6JVxuTb4Y0izYiOYtFD6Q5P33mGVhWaejHa60RQ6LHQe4qI7mVdNNQ7In4O-4FEgiCyVxg56evftKWrxdkSsdr0sg_zeSwGsrYB-Z8WMAjjJz4n7Pvxtc81i_KZ6ZzoWCt0MrL4ZPrwuzfItfzQMGMoS17LuDGgjxljA_7gFuce2Q4wOJEzEvkSyZidUI0bUxxCnHKLCSJtBdCv-v9VW9OkvlOnvFbpjvJmAN6x-aQyTNIDtkMHMy6bZwDHW2NoPEI3DxhBax2XN3jaYDFZVU8wh9KsSX7nQ81l6fpRMIhzJ2ByrG7zo_ZdIC65NxVzxKRUS_gzFgc-wM8x31OgW3tVvL9TWid2aozPip4qyt6wL1ivr0xiPy0Tsjt5MUy3QlMs7B_lELOKCwgi1X73-jWgxcGlKESorFuDqWs-56A8my41uGK_B2H98anZey4_C82xRJSGdaD2PI2s4p7ZB1G9I5DPfTiG6yTqWs7dviyg3z29HvIruCgdkZgT5KRriunWGIlQIqxoWIZt347OIFYJaNiTQ7iNDa2ZhR6kDY_yND2xcECXQvYz36Qq_3OsaTaYcUCJyef25YbtM4JdTxQFxsqAW44NGaaR-AZ77opKd4HqnThn6ky2yOoCwdKuAS7AbfXx3OzjDD2TRE00VdtM-75kRjcsOAiMRKwXEy9duksjh_Ng-9u7HrMBAz70IqP4ViqIoDbnoo0WzX3VRxXS9X5d2pZ68BTpxupLPM59B2gCO2rcLAXZl1jxMm_FZe7QFarTx62oEXIVj_JRFpQhK07GhUDvEnA_qm1PN_j8UUeaK-NWkFPDzStD7HghZvNCvmTiamARJqZ8q4Lb1n_AvPxKmIqSI5iDmbSLbvemF99UX9nHG2KHLXNloyFHUfNkts8neMG9mL2bZbZIYhPM3sUAfMyi7xWmdI5SD_R2pld0KUfx6QM-bf5fwOa9hiq2uyeuVMRusR30ecCyOd7B9G9_vSy1xkTCkB_Jk3MY0_D2pePaOknXDUFkRbgGCFjqwrf6BRPDNvkaKubFLDr0I59F7ywkmwjSb9kf9laUNSExZTX0o1ueiobup4hCCZRz4s6MsLpT9uc9sn5dgg693p6pN7WL4_E4e4onE8q5j5awopkwYOvHtyfB4TrzoJ7qkaOMAM-8_q5MmIyVFNJbK_2PiZPX1AbR4HYn3qQGSZVQF6oKLJPgmvhyHgSGqNwLC1012M9uBMvg7Cr45fiqkXmSH8yJuatzBa9kNfeQKrlahTQIVJM03OmcDgRPXFsmUcQe76KBsQhM-Uq9LzuDffhTcZ83DW98dtPgndjSIaxisgp65uY40qoyLgSJl8MUpUP8rjz879oj&cid=CAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 May 2021 02:05:57 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 008F 41 KB
15 KB 182ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42696
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 14:31:07 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A980 42 B
64 B 158ms
50ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0tfAnpplojKTi27JDvmVlvJpJCo4T5VayZmjMthvhUFMwd__PC-8nTPRw_AnRac2Lg8hgbVCXaAGbdvNZFvA_Z5nIWygdhIzpEWW9S4E&sig=Cg0ArKJSzK8nLeZUuZknEAE&id=lidar2&mcvt=1044&p=1140,640,1200,1108&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=765604454&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619835760054&dlt=0&rpt=2545&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0D12 22 KB
8 KB 149ms
43ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 30 Apr 2021 14:31:09 GMT
expires: Sat, 30 Apr 2022 14:31:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42694
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C44F 22 KB
8 KB 78ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 30 Apr 2021 14:31:09 GMT
expires: Sat, 30 Apr 2022 14:31:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42694
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 b
sb.scorecardresearch.com/ Frame 7701 0
336 B 209ms
118ms Image
text/plain 13.224.106.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1619835763376&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-54.mad50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:43 GMT
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: c6Hmk7U36Ew0zTgR911MyfrENucBl2e2UEVRzBSasbvJ91ZY1jYPow==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK kpiwv0qvkluh Show response
hal9000.redintelligence.net/zone/ Frame F484 11 KB
4 KB 241ms
62ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kpiwv0qvkluh?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7pqRbruMYN-TMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBM4BT9BMSc-Tbd9nNZpPw1NQzXowBFnNaXo6f5z5PtAei8ksoiEdUGWruPqHO1o-5Qx4cw5q05U91KfFucZxggMQko1oZuLMACw5CavRhiS97sV2Zd6kyhg01EbFDg_tHvpotXHt_i6NaoSWBqDzI9CPcOr6zk6Wh3Suj6F3A1aS5fDnhSZ2vhlipjxiDIdmebUK2NaUzUunt5CSJ8dLtCyQR8ZyIudWIEcaONKPSMgdMRZh38JutVgSuZLv5XbJrHV9f_jnkVxHfzTGuJrhcwvABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg%26sig%3DAOD64_1MhaQ-rAZbt93CmJ2R92WvVc-UgQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Ag1f3Qx34JbVuBu5FuzQ9PiQiV_pW_7as60D6iAkrQVDhVs5qMYS5ct1tXa1QpgCtWB_ZFum9r9xUXPWQU0DSOz774baXmBR6g7MaJzWNYPwe156GEgq3IlkKcH6GrtIgAStJiFMiiY79jaZYYG-UcB-rMvA%26cry%3D1%26dbm_d%3DAKAmf-A1MXZmeDe7A0wZUkUKAMGWRMz08kqOch4DYyuSyFiBb7clW0EhMocPVsZk0tRaRCQBT0Y_tQd-3zido79lm8fbQKBuKPc4ZH0qn440sevOvbDRCVWQHT5naG8qKB2mZMD5KsZGB_DCZQXyX1_7PTuShVB9Y8jL619kvqjmVT_atu5pMFGCQpqB_-Mz3NZ1EJehmvELC11jnUTsffx4Z8AlyVUQsQaVSv-7LEylckSt4JZnsxosmj9i54f0-32DoJq5jnJ66JhtlcB47I1q_nuJnGVWa0AeTZLSqWAy_M489_XT0MU7_GaZ5Se4gGiFhsvR2TmL8xJryBcaiLhBocZ5iNVgQ6sUOr0Wp_8dUrxml4sX4Nv18gP9qEi12EkmR-oJlUUBhcslRWlh3SQJB8XkWWJ4p2dtIbogfrMqRNKBpumlHTn5BFkBYcNO5sj3dugFQdZZ%26adurl%3D
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 3448a86642977e26e8616b60918559d4360d4532916556e8b32c82997e10d658

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3884
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DDA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1

43 B
1012 B

120ms
84ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVd1VysexoQNR5pzKnXxqmliuTh0-ydqIVBPjK6Z5vNJ53krnSHNFzgZjPVSeTpAsyATnE33SRkWYsRPihaY8-twaL4nfF_vVAfGOaMLRtKH9Hj6OM_1A-v5abjSTeCmWWqAxOkoT7mOJiZOtdvxitEAnvzRdrlsMROzV1xUIr8I9BgKr7xw0iO1aQ7GeRaruXk-ATSPnphrJPHfbF0TmDiCN0W7g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 May 2021 02:22:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DDA6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIy7c.znvwRe6QTa9-WOKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2

43 B
1012 B

65ms
64ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVd1VysexoQNR5pzKnXxqmliuTh0-ydqIVBPjK6Z5vNJ53krnSHNFzgZjPVSeTpAsyATnE33SRkWYsRPihaY8-twaL4nfF_vVAfGOaMLRtKH9Hj6OM_1A-v5abjSTeCmWWqAxOkoT7mOJiZOtdvxitEAnvzRdrlsMROzV1xUIr8I9BgKr7xw0iO1aQ7GeRaruXk-ATSPnphrJPHfbF0TmDiCN0W7g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 May 2021 02:22:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBG4XScGahf1mvHxLZOPWK8&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DDA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

43 B
1021 B

178ms
52ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYwMLtSTAB&v=APEucNVd1VysexoQNR5pzKnXxqmliuTh0-ydqIVBPjK6Z5vNJ53krnSHNFzgZjPVSeTpAsyATnE33SRkWYsRPihaY8-twaL4nfF_vVAfGOaMLRtKH9Hj6OM_1A-v5abjSTeCmWWqAxOkoT7mOJiZOtdvxitEAnvzRdrlsMROzV1xUIr8I9BgKr7xw0iO1aQ7GeRaruXk-ATSPnphrJPHfbF0TmDiCN0W7g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
X-Proxy-Origin: 45.12.220.52; 45.12.220.52; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.153:80
AN-X-Request-Uuid: ec44b9dd-f854-4f91-afb6-351b7272c472
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJWtNEBRra2bSluohka1i1U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DDA6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

170 B
188 B

97ms
96ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:43 GMT
X-Proxy-Origin: 45.12.220.52; 45.12.220.52; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.219:80
AN-X-Request-Uuid: 2a9d1064-6155-48a4-af11-173f72acf71d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxNTU1OTQyMjk5MDA1Nzk1Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame EAE5 726 B
767 B 1126ms
1125ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=5675027261&eci=138347231030&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: f9e4d81a96976cb41f5afacd1baa70f7b2cb5fcfbf3dccad20d27b776bd491b8

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 1D1E 717 B
753 B 1710ms
1119ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/25&eolid=5677262793&eci=138348173431&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: ec5798bb1c919cfafcd77c32cf82c4c6bb8c78b1b894a60a0c84871dad1d4765

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:45 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 6947 736 B
781 B 1718ms
1134ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5677639880&eci=138347601690&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 7a2a66b0c0a553bfed64222bca5779b048a8036ae5ebfa2b3a5a0509ef4a24c1

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:45 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame EA01 736 B
779 B 1698ms
1122ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 72c2b84424cf08a672b5ebb8a1aa2958aaa86e26cebf74e6b933ee8df684c413

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:45 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame DCFA 727 B
767 B 1693ms
1133ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 70f9dd3398ae47c4a8aa91ae9405e0190099984b28f35115da7d2d0e70450a97

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:45 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame DC7A 791 B
812 B 1661ms
1124ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374755&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: b680ed5f77f73441fec0059df10a170e46468b01bcf61f8b696af8996c9d06a9

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:45 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 5246 727 B
767 B 1179ms
129ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: dc9c127f48bb67af3a8bbe1344f02e911c0d3f665c90a4aa73bfcea8f98dfa00

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame B759 727 B
768 B 1300ms
126ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 590ec95ca64876fc843f5cced8e05e5c5d42c72da01c2fe586dc78128950457b

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 762ms
126ms Script
text/javascript 34.234.140.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=14758689-e98f-b82f-0c61-5cc040882613&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.140.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-140-75.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 01 May 2021 02:22:44 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7701 107 B
799 B 426ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7701 107 B
165 B 37ms
25ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7701 440 B
258 B 179ms
168ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2540861801181837&correlator=2151413207055778&output=ldjh&impl=fifs&eid=31060789&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=150684666%2Copovo.alert&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x100%7C320x50%7C336x280%7C250x250%7C320x100%7C300x250%7C300x100%7C468x60&fluid=height&eri=5&cookie=ID%3D417d03c49398cb63-22e8a932fac700d4%3AT%3D1619835758%3AS%3DALNI_MZ48_0puSC5mhfdXjgxhQ6LUvQFKw&bc=31&abxe=1&dt=1619835763881&dlt=1619835761593&idt=1848&ea=0&frm=23&biw=1600&bih=1200&isw=470&ish=290&oid=3&adxs=-12245933&adys=-12245933&adks=2027262203&ucis=e87gyb5x8low&ifi=1&ifk=3747141809&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.opovo.com.br%2F&top=www.opovo.com.br&vis=1&dmc=8&scr_x=0&scr_y=0&psz=472x136&msz=0x-1&ga_vid=2016480965.1619835764&ga_sid=1619835764&ga_hid=168786333&ga_fc=false&fws=388&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

45e1a1aa627c41278bca61277e00d2c586b199690f7cd3a638d6f52d94167b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
58e2acf83643c74b737b9701b15829f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7701 0
0 36ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://58e2acf83643c74b737b9701b15829f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 7701 0
0 9ms
8ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK kpiwv0qvkluh Show response
hal9000.redintelligence.net/zone/ Frame 008F 11 KB
4 KB 194ms
63ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kpiwv0qvkluh?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC04yibruMYOGTMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9A2zeZoVKSM96QOdupmDmnmtHQfdx9HFXcxa-ah6XpK_c5tpLJulU0c0pvniwfWWSjsvYnwz9ssVSyaM6-KWFAHz8DeYqTNGywfUPzagqy8EYExsZzvjdY5FfHhGEsFeju247BCKOiPl16-H3Q0AhrKcaJBDe_J9ZGqctZ1YpHuJU6ckYfyCTU0FEp0HNJkig6nv7oEwSDQJ1HWDEA-EzIDzG2TjM87DL-Qhmg1OlwIGlEDKlN7elB7blnkUhdXWeM_YcgSDjrnDHHXxpodzFfABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q%26sig%3DAOD64_0cBdE0nDMgb2enG1DTlGXVLjNrlw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BtIA8yBvZsCg9df7Cato9w7-02hEeJEmbEe1_Xc6yKX_mLL1UhkdXbdhbHtCrazPndi8rISAeFPIWha5w5XwcIQ33nhUdnAojKIyAo7nUyAUyswt8JPne06JzRWO2ZX6b5Lk8vdYVTVMvpAORy-X_jzrTmTA%26cry%3D1%26dbm_d%3DAKAmf-BgpxGnPiD4OQpPQ0XyDfy9AjxrctnTLTpbJAC02yaJbrBXPput-i5tEMv-Eitu2jp3O2ad9lTaq6vnFXCXAfHKqXHYba3-7K6K7tCTfhk4junRTX6SyP6Wa_rN0-fqQZnEvL-uui0SQ2lvn2qlH0hc7hJklPl0Cu5XTi2_NDoLgE9U7SyfIZ09nH97adq1pKRj2CT-C8f7DNxQwPYnsl9zZfd2aLwb1AHwnEqDuwbyb_cmpPTLp92jxAsJzKoAJXxeg23xtQsu6wfP8QVX7Z7ian5IVEkTnGXEKDCE7NNmYJ5ZfxBQE8RsEBgi81sJ6G1dQzk45pDlEyExSF4LcLZ4kWKy8CgmqfTG1cumV5dIov-zm_Fw6J4I81bED2ZbDvMOMvs7NSHq6ciVYOFKT6JLHRcSqnr01KqZDcnrWjpdGC_yrwgCI2jJxz5ab7oIal1OfkxK%26adurl%3D
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 09a9f142c7f1a54139341e744a94a0f68b49d46faa6e6f984736783c630674f2

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3888
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C09B 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 30 Apr 2021 14:31:09 GMT
expires: Sat, 30 Apr 2022 14:31:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42695
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 4DE8
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=4cc001b15e&subid=&uid=c47263a66f78cb56&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=4cc001b15e&subid=&uid=c47263a66f78cb56&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
934 B

246ms
120ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=4cc001b15e&subid=&uid=c47263a66f78cb56&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPM0LbruMYOCTMq-A7_UP-bmVQIGI4dRg-MSb09IM8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9CMpnUzGR9GmswRuaJYabdC3n7EGDJKgwMKVqKTy_kpi6BdDfScPY4d_c8I-DAZo81UwSEsNJoXPXDnsd9CzIBKMGb_Goft3qf0NhLzuxMQDAwxztKQ8j7O8JU7CCAXoNhEwERPGgusSVScErxrn-te6jfjFxA2u0E-1QFvWJo0DaP7fUhoQMPYPwaP3Z2zBjgOLI95QgjEggfHgE1Gyx60in8rj8Bf461wxj-IVgDT5sirWpBlU8BcpVYEtUzYKldxWo8zvwohsGA8BECCfpTABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw%26sig%3DAOD64_2c-PTTzZoGvHPM9xowku7WXZb_Fw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-ARuZUvyClPgaIHW_kYzBbkwH8IQwULTuURidGIOE41CpP7EmruUCjdeB-DxtsTduhdwW0h1keNmdpOpyNgDjTs5HbOG4yNOQV75k71dIY986G0MfgLJ5Y9Qy-qeBafiOkEGiiNdvWXHXdFs0qvrd88-e8PQQ%26cry%3D1%26dbm_d%3DAKAmf-CwuQ9Old1YNrJbAavPduYRKeigqeCcpbwtSmbLw-gwZH2YLv1wqyQzPJT1tVKbWzSJZCxuql2SAAI5N7LHWWdPxFAQ37BaZrTzsPgt_K6z021gAZd4_jVAYtiz5pCdyhMEoEfONCFyAKgIs-VcLGYt-TPB94Jt7clHL-kA54QcJxfSvpQkslT6D6yXjXue3K0yiAVi09XeCy3jElsT3nzF-sWyEKz8kWGczNGU-4AIGZl_qDCykm1kDfc1Mzn-nqfUk7fKg4-MU4BYvk5YmSIVcqDELqa8HzWpDqYJ05ssVv-r2OKc8nvH9k5SboHq9M6uUvHs4a0aYlvRReL40yxS6njzv4V4PtXVKSllqzPhiOIQVnFbli3wdG2z6aH0D1ELlTOMgfkRX2kdXD0GnLjMOlbqXWyiCNNVnwF5iV8nqvaqK42tBoTtW-eoaGm3koNKJ7Co%26adurl%3D&documentReferer=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=6879618782048&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 9947811e593019b2a43bf841a97e04207fec2882cd3fa5c1a541530b234622ce

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 40650600012381000044684011581012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 328
Expires: Sat, 01 May 2021 03:22:44 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=4cc001b15e&subid=&uid=c47263a66f78cb56&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPM0LbruMYOCTMq-A7_UP-bmVQIGI4dRg-MSb09IM8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9CMpnUzGR9GmswRuaJYabdC3n7EGDJKgwMKVqKTy_kpi6BdDfScPY4d_c8I-DAZo81UwSEsNJoXPXDnsd9CzIBKMGb_Goft3qf0NhLzuxMQDAwxztKQ8j7O8JU7CCAXoNhEwERPGgusSVScErxrn-te6jfjFxA2u0E-1QFvWJo0DaP7fUhoQMPYPwaP3Z2zBjgOLI95QgjEggfHgE1Gyx60in8rj8Bf461wxj-IVgDT5sirWpBlU8BcpVYEtUzYKldxWo8zvwohsGA8BECCfpTABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw%26sig%3DAOD64_2c-PTTzZoGvHPM9xowku7WXZb_Fw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-ARuZUvyClPgaIHW_kYzBbkwH8IQwULTuURidGIOE41CpP7EmruUCjdeB-DxtsTduhdwW0h1keNmdpOpyNgDjTs5HbOG4yNOQV75k71dIY986G0MfgLJ5Y9Qy-qeBafiOkEGiiNdvWXHXdFs0qvrd88-e8PQQ%26cry%3D1%26dbm_d%3DAKAmf-CwuQ9Old1YNrJbAavPduYRKeigqeCcpbwtSmbLw-gwZH2YLv1wqyQzPJT1tVKbWzSJZCxuql2SAAI5N7LHWWdPxFAQ37BaZrTzsPgt_K6z021gAZd4_jVAYtiz5pCdyhMEoEfONCFyAKgIs-VcLGYt-TPB94Jt7clHL-kA54QcJxfSvpQkslT6D6yXjXue3K0yiAVi09XeCy3jElsT3nzF-sWyEKz8kWGczNGU-4AIGZl_qDCykm1kDfc1Mzn-nqfUk7fKg4-MU4BYvk5YmSIVcqDELqa8HzWpDqYJ05ssVv-r2OKc8nvH9k5SboHq9M6uUvHs4a0aYlvRReL40yxS6njzv4V4PtXVKSllqzPhiOIQVnFbli3wdG2z6aH0D1ELlTOMgfkRX2kdXD0GnLjMOlbqXWyiCNNVnwF5iV8nqvaqK42tBoTtW-eoaGm3koNKJ7Co%26adurl%3D&documentReferer=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=6879618782048&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 01 May 2021 03:22:44 +0200

GET
H/1.1

200
OK

request.php Show response
hal90006.redintelligence.net/ Frame F484
Redirect Chain

https://hal90006.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=f49091f29e&subid=&uid=1687c655295cc35e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90006.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=f49091f29e&subid=&uid=1687c655295cc35e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
935 B

248ms
127ms

Script
application/x-javascript

138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=f49091f29e&subid=&uid=1687c655295cc35e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7pqRbruMYN-TMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBM4BT9BMSc-Tbd9nNZpPw1NQzXowBFnNaXo6f5z5PtAei8ksoiEdUGWruPqHO1o-5Qx4cw5q05U91KfFucZxggMQko1oZuLMACw5CavRhiS97sV2Zd6kyhg01EbFDg_tHvpotXHt_i6NaoSWBqDzI9CPcOr6zk6Wh3Suj6F3A1aS5fDnhSZ2vhlipjxiDIdmebUK2NaUzUunt5CSJ8dLtCyQR8ZyIudWIEcaONKPSMgdMRZh38JutVgSuZLv5XbJrHV9f_jnkVxHfzTGuJrhcwvABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg%26sig%3DAOD64_1MhaQ-rAZbt93CmJ2R92WvVc-UgQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Ag1f3Qx34JbVuBu5FuzQ9PiQiV_pW_7as60D6iAkrQVDhVs5qMYS5ct1tXa1QpgCtWB_ZFum9r9xUXPWQU0DSOz774baXmBR6g7MaJzWNYPwe156GEgq3IlkKcH6GrtIgAStJiFMiiY79jaZYYG-UcB-rMvA%26cry%3D1%26dbm_d%3DAKAmf-A1MXZmeDe7A0wZUkUKAMGWRMz08kqOch4DYyuSyFiBb7clW0EhMocPVsZk0tRaRCQBT0Y_tQd-3zido79lm8fbQKBuKPc4ZH0qn440sevOvbDRCVWQHT5naG8qKB2mZMD5KsZGB_DCZQXyX1_7PTuShVB9Y8jL619kvqjmVT_atu5pMFGCQpqB_-Mz3NZ1EJehmvELC11jnUTsffx4Z8AlyVUQsQaVSv-7LEylckSt4JZnsxosmj9i54f0-32DoJq5jnJ66JhtlcB47I1q_nuJnGVWa0AeTZLSqWAy_M489_XT0MU7_GaZ5Se4gGiFhsvR2TmL8xJryBcaiLhBocZ5iNVgQ6sUOr0Wp_8dUrxml4sX4Nv18gP9qEi12EkmR-oJlUUBhcslRWlh3SQJB8XkWWJ4p2dtIbogfrMqRNKBpumlHTn5BFkBYcNO5sj3dugFQdZZ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8639815311983&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d801970d7e3afd7312616bd6285d75c8e2652138458fbdafeb8f712b29aa677f

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 89790600014696800044682011581006
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Sat, 01 May 2021 03:22:44 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=f49091f29e&subid=&uid=1687c655295cc35e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7pqRbruMYN-TMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBM4BT9BMSc-Tbd9nNZpPw1NQzXowBFnNaXo6f5z5PtAei8ksoiEdUGWruPqHO1o-5Qx4cw5q05U91KfFucZxggMQko1oZuLMACw5CavRhiS97sV2Zd6kyhg01EbFDg_tHvpotXHt_i6NaoSWBqDzI9CPcOr6zk6Wh3Suj6F3A1aS5fDnhSZ2vhlipjxiDIdmebUK2NaUzUunt5CSJ8dLtCyQR8ZyIudWIEcaONKPSMgdMRZh38JutVgSuZLv5XbJrHV9f_jnkVxHfzTGuJrhcwvABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg%26sig%3DAOD64_1MhaQ-rAZbt93CmJ2R92WvVc-UgQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Ag1f3Qx34JbVuBu5FuzQ9PiQiV_pW_7as60D6iAkrQVDhVs5qMYS5ct1tXa1QpgCtWB_ZFum9r9xUXPWQU0DSOz774baXmBR6g7MaJzWNYPwe156GEgq3IlkKcH6GrtIgAStJiFMiiY79jaZYYG-UcB-rMvA%26cry%3D1%26dbm_d%3DAKAmf-A1MXZmeDe7A0wZUkUKAMGWRMz08kqOch4DYyuSyFiBb7clW0EhMocPVsZk0tRaRCQBT0Y_tQd-3zido79lm8fbQKBuKPc4ZH0qn440sevOvbDRCVWQHT5naG8qKB2mZMD5KsZGB_DCZQXyX1_7PTuShVB9Y8jL619kvqjmVT_atu5pMFGCQpqB_-Mz3NZ1EJehmvELC11jnUTsffx4Z8AlyVUQsQaVSv-7LEylckSt4JZnsxosmj9i54f0-32DoJq5jnJ66JhtlcB47I1q_nuJnGVWa0AeTZLSqWAy_M489_XT0MU7_GaZ5Se4gGiFhsvR2TmL8xJryBcaiLhBocZ5iNVgQ6sUOr0Wp_8dUrxml4sX4Nv18gP9qEi12EkmR-oJlUUBhcslRWlh3SQJB8XkWWJ4p2dtIbogfrMqRNKBpumlHTn5BFkBYcNO5sj3dugFQdZZ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8639815311983&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 01 May 2021 03:22:44 +0200

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D12 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 23:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 12077
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sat, 30 Apr 2022 23:01:26 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame C44F 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 23:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 12077
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sat, 30 Apr 2022 23:01:26 GMT

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 008F
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=7718a882ff&subid=&uid=0ea908aeeb15ead0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=7718a882ff&subid=&uid=0ea908aeeb15ead0&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
937 B

249ms
115ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=7718a882ff&subid=&uid=0ea908aeeb15ead0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC04yibruMYOGTMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9A2zeZoVKSM96QOdupmDmnmtHQfdx9HFXcxa-ah6XpK_c5tpLJulU0c0pvniwfWWSjsvYnwz9ssVSyaM6-KWFAHz8DeYqTNGywfUPzagqy8EYExsZzvjdY5FfHhGEsFeju247BCKOiPl16-H3Q0AhrKcaJBDe_J9ZGqctZ1YpHuJU6ckYfyCTU0FEp0HNJkig6nv7oEwSDQJ1HWDEA-EzIDzG2TjM87DL-Qhmg1OlwIGlEDKlN7elB7blnkUhdXWeM_YcgSDjrnDHHXxpodzFfABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q%26sig%3DAOD64_0cBdE0nDMgb2enG1DTlGXVLjNrlw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BtIA8yBvZsCg9df7Cato9w7-02hEeJEmbEe1_Xc6yKX_mLL1UhkdXbdhbHtCrazPndi8rISAeFPIWha5w5XwcIQ33nhUdnAojKIyAo7nUyAUyswt8JPne06JzRWO2ZX6b5Lk8vdYVTVMvpAORy-X_jzrTmTA%26cry%3D1%26dbm_d%3DAKAmf-BgpxGnPiD4OQpPQ0XyDfy9AjxrctnTLTpbJAC02yaJbrBXPput-i5tEMv-Eitu2jp3O2ad9lTaq6vnFXCXAfHKqXHYba3-7K6K7tCTfhk4junRTX6SyP6Wa_rN0-fqQZnEvL-uui0SQ2lvn2qlH0hc7hJklPl0Cu5XTi2_NDoLgE9U7SyfIZ09nH97adq1pKRj2CT-C8f7DNxQwPYnsl9zZfd2aLwb1AHwnEqDuwbyb_cmpPTLp92jxAsJzKoAJXxeg23xtQsu6wfP8QVX7Z7ian5IVEkTnGXEKDCE7NNmYJ5ZfxBQE8RsEBgi81sJ6G1dQzk45pDlEyExSF4LcLZ4kWKy8CgmqfTG1cumV5dIov-zm_Fw6J4I81bED2ZbDvMOMvs7NSHq6ciVYOFKT6JLHRcSqnr01KqZDcnrWjpdGC_yrwgCI2jJxz5ab7oIal1OfkxK%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=7152345628707&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
URL: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7dfe3f3ef0f6fc918e3a2cc63c32dbba6bac0912525f92f868784e7df2d9695d

Request headers

Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 95190200015610300044682011581008
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Sat, 01 May 2021 03:22:44 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=7718a882ff&subid=&uid=0ea908aeeb15ead0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC04yibruMYOGTMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9A2zeZoVKSM96QOdupmDmnmtHQfdx9HFXcxa-ah6XpK_c5tpLJulU0c0pvniwfWWSjsvYnwz9ssVSyaM6-KWFAHz8DeYqTNGywfUPzagqy8EYExsZzvjdY5FfHhGEsFeju247BCKOiPl16-H3Q0AhrKcaJBDe_J9ZGqctZ1YpHuJU6ckYfyCTU0FEp0HNJkig6nv7oEwSDQJ1HWDEA-EzIDzG2TjM87DL-Qhmg1OlwIGlEDKlN7elB7blnkUhdXWeM_YcgSDjrnDHHXxpodzFfABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q%26sig%3DAOD64_0cBdE0nDMgb2enG1DTlGXVLjNrlw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BtIA8yBvZsCg9df7Cato9w7-02hEeJEmbEe1_Xc6yKX_mLL1UhkdXbdhbHtCrazPndi8rISAeFPIWha5w5XwcIQ33nhUdnAojKIyAo7nUyAUyswt8JPne06JzRWO2ZX6b5Lk8vdYVTVMvpAORy-X_jzrTmTA%26cry%3D1%26dbm_d%3DAKAmf-BgpxGnPiD4OQpPQ0XyDfy9AjxrctnTLTpbJAC02yaJbrBXPput-i5tEMv-Eitu2jp3O2ad9lTaq6vnFXCXAfHKqXHYba3-7K6K7tCTfhk4junRTX6SyP6Wa_rN0-fqQZnEvL-uui0SQ2lvn2qlH0hc7hJklPl0Cu5XTi2_NDoLgE9U7SyfIZ09nH97adq1pKRj2CT-C8f7DNxQwPYnsl9zZfd2aLwb1AHwnEqDuwbyb_cmpPTLp92jxAsJzKoAJXxeg23xtQsu6wfP8QVX7Z7ian5IVEkTnGXEKDCE7NNmYJ5ZfxBQE8RsEBgi81sJ6G1dQzk45pDlEyExSF4LcLZ4kWKy8CgmqfTG1cumV5dIov-zm_Fw6J4I81bED2ZbDvMOMvs7NSHq6ciVYOFKT6JLHRcSqnr01KqZDcnrWjpdGC_yrwgCI2jJxz5ab7oIal1OfkxK%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=7152345628707&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 01 May 2021 03:22:44 +0200

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7701 10 KB
7 KB 19ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6f9382b5040d405ee77c09656640adcb5be12733d80e4b380e59ac3d2b3c7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7648
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7701 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:44 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame C09B 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 23:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 12078
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sat, 30 Apr 2022 23:01:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FF53 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 01 May 2021 00:34:05 GMT
expires: Sun, 01 May 2022 00:34:05 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6519
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame C2A9 6 KB
2 KB 197ms
64ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=40650600012381000044684011581012&a=b0fac3e9
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=4cc001b15e&subid=&uid=c47263a66f78cb56&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPM0LbruMYOCTMq-A7_UP-bmVQIGI4dRg-MSb09IM8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9CMpnUzGR9GmswRuaJYabdC3n7EGDJKgwMKVqKTy_kpi6BdDfScPY4d_c8I-DAZo81UwSEsNJoXPXDnsd9CzIBKMGb_Goft3qf0NhLzuxMQDAwxztKQ8j7O8JU7CCAXoNhEwERPGgusSVScErxrn-te6jfjFxA2u0E-1QFvWJo0DaP7fUhoQMPYPwaP3Z2zBjgOLI95QgjEggfHgE1Gyx60in8rj8Bf461wxj-IVgDT5sirWpBlU8BcpVYEtUzYKldxWo8zvwohsGA8BECCfpTABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7_l2DOmCAQZcdE1GvGtCrkQN_UG5sqaAi8OsgWnrbWKkdAsfT-C4TVBU9CaJlxRNcMkxA3pDE309MGw%26sig%3DAOD64_2c-PTTzZoGvHPM9xowku7WXZb_Fw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-ARuZUvyClPgaIHW_kYzBbkwH8IQwULTuURidGIOE41CpP7EmruUCjdeB-DxtsTduhdwW0h1keNmdpOpyNgDjTs5HbOG4yNOQV75k71dIY986G0MfgLJ5Y9Qy-qeBafiOkEGiiNdvWXHXdFs0qvrd88-e8PQQ%26cry%3D1%26dbm_d%3DAKAmf-CwuQ9Old1YNrJbAavPduYRKeigqeCcpbwtSmbLw-gwZH2YLv1wqyQzPJT1tVKbWzSJZCxuql2SAAI5N7LHWWdPxFAQ37BaZrTzsPgt_K6z021gAZd4_jVAYtiz5pCdyhMEoEfONCFyAKgIs-VcLGYt-TPB94Jt7clHL-kA54QcJxfSvpQkslT6D6yXjXue3K0yiAVi09XeCy3jElsT3nzF-sWyEKz8kWGczNGU-4AIGZl_qDCykm1kDfc1Mzn-nqfUk7fKg4-MU4BYvk5YmSIVcqDELqa8HzWpDqYJ05ssVv-r2OKc8nvH9k5SboHq9M6uUvHs4a0aYlvRReL40yxS6njzv4V4PtXVKSllqzPhiOIQVnFbli3wdG2z6aH0D1ELlTOMgfkRX2kdXD0GnLjMOlbqXWyiCNNVnwF5iV8nqvaqK42tBoTtW-eoaGm3koNKJ7Co%26adurl%3D&documentReferer=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fdded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=6879618782048&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: d7aad6d57a8b5b8dd0ebd20c4d9f7907ec9fd6acdc52c68bf2ce10a5973a170c

Request headers

Host: hal900012.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=16b8cbc6bdd872e1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 01 May 2021 03:22:44 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2110
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK request_content.php Show response
hal90006.redintelligence.net/ Frame 3E98 3 KB
2 KB 198ms
69ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=89790600014696800044682011581006&a=3b12abbd
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=f49091f29e&subid=&uid=1687c655295cc35e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7pqRbruMYN-TMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBM4BT9BMSc-Tbd9nNZpPw1NQzXowBFnNaXo6f5z5PtAei8ksoiEdUGWruPqHO1o-5Qx4cw5q05U91KfFucZxggMQko1oZuLMACw5CavRhiS97sV2Zd6kyhg01EbFDg_tHvpotXHt_i6NaoSWBqDzI9CPcOr6zk6Wh3Suj6F3A1aS5fDnhSZ2vhlipjxiDIdmebUK2NaUzUunt5CSJ8dLtCyQR8ZyIudWIEcaONKPSMgdMRZh38JutVgSuZLv5XbJrHV9f_jnkVxHfzTGuJrhcwvABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRo7snDFDaDBJaK2MIjd0jj5xjgD8QPiHCmhAQs7dCg449BsCCXJlaeF51YVgRuDZKQcP1OSuXJQUIfUfg%26sig%3DAOD64_1MhaQ-rAZbt93CmJ2R92WvVc-UgQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-Ag1f3Qx34JbVuBu5FuzQ9PiQiV_pW_7as60D6iAkrQVDhVs5qMYS5ct1tXa1QpgCtWB_ZFum9r9xUXPWQU0DSOz774baXmBR6g7MaJzWNYPwe156GEgq3IlkKcH6GrtIgAStJiFMiiY79jaZYYG-UcB-rMvA%26cry%3D1%26dbm_d%3DAKAmf-A1MXZmeDe7A0wZUkUKAMGWRMz08kqOch4DYyuSyFiBb7clW0EhMocPVsZk0tRaRCQBT0Y_tQd-3zido79lm8fbQKBuKPc4ZH0qn440sevOvbDRCVWQHT5naG8qKB2mZMD5KsZGB_DCZQXyX1_7PTuShVB9Y8jL619kvqjmVT_atu5pMFGCQpqB_-Mz3NZ1EJehmvELC11jnUTsffx4Z8AlyVUQsQaVSv-7LEylckSt4JZnsxosmj9i54f0-32DoJq5jnJ66JhtlcB47I1q_nuJnGVWa0AeTZLSqWAy_M489_XT0MU7_GaZ5Se4gGiFhsvR2TmL8xJryBcaiLhBocZ5iNVgQ6sUOr0Wp_8dUrxml4sX4Nv18gP9qEi12EkmR-oJlUUBhcslRWlh3SQJB8XkWWJ4p2dtIbogfrMqRNKBpumlHTn5BFkBYcNO5sj3dugFQdZZ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=8639815311983&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e38bde1558dc1aa519bdb7d0103a707bc04ea367f48ac21bb86a0f5db2d972df

Request headers

Host: hal90006.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=f5293f0346f313a6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

Date: Sat, 01 May 2021 02:22:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 01 May 2021 03:22:44 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1338
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame F484 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f161a608df85cf53234c14399e0e6f7ddcebd81d39e23c542dd33f13d8e398d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame FF53 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 23:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 12078
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sat, 30 Apr 2022 23:01:26 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame D174 6 KB
2 KB 191ms
64ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=95190200015610300044682011581008&a=b1417f31
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=7718a882ff&subid=&uid=0ea908aeeb15ead0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC04yibruMYOGTMq-A7_UP-bmVQIGI4dRgi9jm6ZYK8C4QASDc1_siYPGt_IWkH8gBCakCpMVSFRUstD6oAwGqBNEBT9A2zeZoVKSM96QOdupmDmnmtHQfdx9HFXcxa-ah6XpK_c5tpLJulU0c0pvniwfWWSjsvYnwz9ssVSyaM6-KWFAHz8DeYqTNGywfUPzagqy8EYExsZzvjdY5FfHhGEsFeju247BCKOiPl16-H3Q0AhrKcaJBDe_J9ZGqctZ1YpHuJU6ckYfyCTU0FEp0HNJkig6nv7oEwSDQJ1HWDEA-EzIDzG2TjM87DL-Qhmg1OlwIGlEDKlN7elB7blnkUhdXWeM_YcgSDjrnDHHXxpodzFfABIKl4bNr4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgFAQARgdgAoDmAsByAsBgAwBsBOR5bIK0BMA2BMDiBQB2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoDGPc7aLqibFgckPbP2owVHUOy_9HLfQAhvPKjBFMVA7610FnCbizCKXIePbhA3pJcucC7M5cmTWZA8Q%26sig%3DAOD64_0cBdE0nDMgb2enG1DTlGXVLjNrlw%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BtIA8yBvZsCg9df7Cato9w7-02hEeJEmbEe1_Xc6yKX_mLL1UhkdXbdhbHtCrazPndi8rISAeFPIWha5w5XwcIQ33nhUdnAojKIyAo7nUyAUyswt8JPne06JzRWO2ZX6b5Lk8vdYVTVMvpAORy-X_jzrTmTA%26cry%3D1%26dbm_d%3DAKAmf-BgpxGnPiD4OQpPQ0XyDfy9AjxrctnTLTpbJAC02yaJbrBXPput-i5tEMv-Eitu2jp3O2ad9lTaq6vnFXCXAfHKqXHYba3-7K6K7tCTfhk4junRTX6SyP6Wa_rN0-fqQZnEvL-uui0SQ2lvn2qlH0hc7hJklPl0Cu5XTi2_NDoLgE9U7SyfIZ09nH97adq1pKRj2CT-C8f7DNxQwPYnsl9zZfd2aLwb1AHwnEqDuwbyb_cmpPTLp92jxAsJzKoAJXxeg23xtQsu6wfP8QVX7Z7ian5IVEkTnGXEKDCE7NNmYJ5ZfxBQE8RsEBgi81sJ6G1dQzk45pDlEyExSF4LcLZ4kWKy8CgmqfTG1cumV5dIov-zm_Fw6J4I81bED2ZbDvMOMvs7NSHq6ciVYOFKT6JLHRcSqnr01KqZDcnrWjpdGC_yrwgCI2jJxz5ab7oIal1OfkxK%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=7152345628707&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9498b4cdfd5c5d5256e26214ca3280431d42a5f2635c6d52f688125defe573d4

Request headers

Host: hal90008.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=f5293f0346f313a6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com/

Response headers

Date: Sat, 01 May 2021 02:22:45 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 01 May 2021 03:22:45 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2122
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 008F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 393ed14dbc9670a60c03fc5961a5bc71676a8f63126e78a6f7476f291b3fe2c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame EAE5 21 KB
9 KB 124ms
124ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=5675027261&eci=138347231030&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 5246 21 KB
9 KB 135ms
135ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame C2A9 89 KB
32 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=40650600012381000044684011581012&a=b0fac3e9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141073
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 11:11:32 GMT

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame C2A9 41 KB
41 KB 213ms
68ms Image
image/jpeg 188.138.33.34
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/728x90_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=40650600012381000044684011581012&a=b0fac3e9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.33.34 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft9037.serverprofi24.de
Software: nginx /
Resource Hash: 7cbedaf4d01c2b49cf1eab36979755222f1525f7424ff2b03a98b83830301288

Request headers

Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:45 GMT
Last-Modified: Tue, 16 Feb 2016 11:45:27 GMT
Server: nginx
ETag: "56c30bd7-a476"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 42102

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame B759 21 KB
9 KB 140ms
139ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(2).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 3E98 52 KB
52 KB 202ms
82ms Image
image/jpeg 188.138.33.34
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/300x250_OMAC_2016_Launch%20(2).jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=89790600014696800044682011581006&a=3b12abbd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.33.34 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft9037.serverprofi24.de
Software: nginx /
Resource Hash: aa31782ed405b9ccd6346df847c07d2472e32b07c2708b6d0e40af4f5d34964f

Request headers

Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:45 GMT
Last-Modified: Tue, 16 Feb 2016 10:14:55 GMT
Server: nginx
ETag: "56c2f69f-d006"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 53254

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 3E98 0
150 B 197ms
65ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=89790600014696800044682011581006&a=537543bc&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=89790600014696800044682011581006&a=3b12abbd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90006.redintelligence.net/request_content.php?s=89790600014696800044682011581006&a=3b12abbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:45 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 3E98 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame C2A9 0
150 B 200ms
65ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=40650600012381000044684011581012&a=30432e2f&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=40650600012381000044684011581012&a=b0fac3e9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900012.redintelligence.net/request_content.php?s=40650600012381000044684011581012&a=b0fac3e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:45 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C2A9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame D174 89 KB
32 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=95190200015610300044682011581008&a=b1417f31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141073
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 11:11:32 GMT

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(2).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame D174 52 KB
52 KB 202ms
90ms Image
image/jpeg 188.138.33.34
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/300x250_OMAC_2016_Launch%20(2).jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=95190200015610300044682011581008&a=b1417f31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.33.34 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft9037.serverprofi24.de
Software: nginx /
Resource Hash: aa31782ed405b9ccd6346df847c07d2472e32b07c2708b6d0e40af4f5d34964f

Request headers

Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:45 GMT
Last-Modified: Tue, 16 Feb 2016 10:14:55 GMT
Server: nginx
ETag: "56c2f69f-d006"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 53254

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 1D1E 21 KB
9 KB 128ms
127ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/25&eolid=5677262793&eci=138348173431&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame EA01 21 KB
9 KB 132ms
132ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame DC7A 21 KB
9 KB 215ms
214ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374755&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 6947 21 KB
9 KB 214ms
214ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5677639880&eci=138347601690&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame DCFA 21 KB
9 KB 218ms
217ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame D174 0
150 B 194ms
65ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=95190200015610300044682011581008&a=0abfdb80&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=95190200015610300044682011581008&a=b1417f31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90008.redintelligence.net/request_content.php?s=95190200015610300044682011581008&a=b1417f31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 01 May 2021 02:22:45 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D174 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D12 0
56 B 41ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjmhJcruMYKvpG-ve7gPqkZvoBAAAAAA4AeAEAg&bg=!qqmlqe3NAAZLnZBaS507ACkAdvg8WvDPNjVz_jNF_2OFZbnYMSLzNDsw9DT6wlxim4dVy7gdPxixQQIAAAPoUgAAALFoAQcKADxsh_MnFiYyyvjRZW2YfxH9Xo8IOucdRRv-NplmRwQaD87rndYlGfw4IeIfjsMs-rnIYjTkRVQryRyipfOZAmu71U2pWvzdpzG_piMS9a95cZA97Ey6JJART2AjilwS9dJzjxNlpvUiH-WLcqoO5_G0l3i-hofTTlZtRkZbI7EuCM4VRmj1fYFbW9R6369vqPQpj2NHwqXlkqWC_h2c-HF21wvqfbF4QihmrHT9Y9AZOTgQR-iUnOKNDDlYQ7IoMFYKaq1SrENp7RHd3bbYgmyZbp29J0GB3EVrIy_qBshrSlRFP_bPejyuHfub8ZJX6hURw7CrmW-Jd_d2w-MstcEnmKlti4qFiVp8F9FKODbtd0xGexTYcU8CwK2zvl5tadKbu-7Pr-yo5dzJbWd0WiiQJDDuckxqFVKfFnz2rgrTElwZj5CW7cuPsVkuvmaCvI7jk9JW0aXu4NRUY2mrSqyBT3yeDAudPeCRodZovpySbL8zO4aOC4LIl_7t9P7Usoy3mo--3w2nzBipZObuDyHJ2gGZsqytmfWFaQERALQrJr7vzFqjWfYV3_x1YWvrj--Av6rWeQ05u6V3q0ryEGE1U1o08bmvmgbqS5V5DKBM3ewxrunEnVLy1Uxu-qc6LU5Z6pBsl_eU7B44xiWltaLOPMWACcsIJ0-KpHYdpozk583H11O1pquTGUjW8N_xF8kdBa3XckCnRkC6JD6XW8Vfn7cQTNGCdGKKRw7F5I_aR-MVel0Y-D7eJLf3b8c-kuATNZx82RUXrdXLeFjRWgbsDNU3-cC0le6SkJpGXPEIlriTcVFhqziRapzYpFST71KDeOdA9qFxpg78w4fxDU29zQRV2B82EM6El9tqJSrcjBSmFXOcYOh3rtjiN1jZH7J1ZsKQZFrzicp5

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C44F 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhX8ccruMYO7pH9-17_UPxfKFgAQAAAAAOAHgBAI&bg=!6eql6q7NAAZLnZBaS507ACkAdvg8WqV6COWp2seqw_wXOiLxOdAK-sTZdmqdR2ibZKUxG1NDe9jEggIAAATEUgAAAONoAQeZAr-hZOxd3Pc9MTF0yxtOTVTkUImg6y792-bCEV8_I5PXjtJgB4CsaeCx0yzdGtGM-R-AVvL0I1yd7kaAogt1Gecx_wcz11kyPL758KZapuEAFbDCI_9kCYjM4-cU8ek9JREyDmJJ6Kn_ErpT9B2Gi_7ecNbFwaRw9cj6Wu08N6GN74nXyW7qut_HB-Ms6eztB-xOqwkpglofjqBUBitxEd8f6WjBh9i2dpoD99mQy7Sokwnrn0NsLaC7-sQS6H-ulwxlVgZWD0OjC2Ac5ghLj2sLfzTFaAvAH46TVObKQVHi0trkuJGmw4sFddrzgkbV2F2RsMwUFPXPCxvE1BqMtaAd-J4CeeKdm4Z7U72bmVSzOCKDOzW97d_CBdISMwcKfitjxNzK_SFsr9MAd_7BrD-zqHgBiOMYelKci4wEI0RkTmwogY7-37xqfyP4mrpbPocQkhAR843QiMkoUwzeX6Db4Nk17qsvKvWtToUFVpNBi6_F3q9JwP9R-guI3jFLJstIr8frF5LccKccV8A9meJBTcZVbzfuhZpDKvvUx8meiG-vh7Lm_yGoUI1dyuEgsmnqHW6xc6CpG9soPw7tc7x7dSmWuQj2wnwg2i8lqRsc7Ind8SznNTsLapZFs4px0RoS4nU64pbHMQTQBSAb1pkeYQS-ZXfYxEb3x6zwaikaS0-7N_lTxgWcO4y0Zgyu5QwvEzbPXHJmqz7isOS_1I_ByJVBVE-1RF1nCOAN-jW1H6p3W7Ngtd7cnWdlICFL5R4hReeNJGMrSeYImmCS9OloMG5s2GJiXGMGc3i1wJs5FxauELydhvm0uZDy3_rruCPikGbZf3Dzh1nr3NJEuq7vvpyCi2Q3tKwbH9reUxvG28EEUjlWKIVmb9ptKHtO0IT-e_IwICkmoMM6AYXerqIy9M341R1dJhu8m3YAjOZT

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E7F0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b189032385a359789e75691b6fa6314c08e56f76b9ed237ce625b79837e90139

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 65 KB
16 KB 15ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1357409
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15507
cf-request-id: 09c7555ce700004ee660abe000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-10424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TlmuOFTGiaWOlx1Vt2wie9LwmPi5OMhOW2omX%2BiTmAklRkzeJM90CaMjy%2BZm%2BCi1XeozKCmKQz4DxgcYXjkeE7rkxmbuEal247XftGrgqZhybkFeJeD1DLSnblRhiBQfYQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64858b417a3c4ee6-FRA
expires: Thu, 21 Apr 2022 02:22:45 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66abde583fcbdaf5577eff79a758d6234ccef54dcdb686ddc674ea82008449a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 01 May 2021 02:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7677
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
662 B 294ms
168ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3wvj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.opovo.com.br%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 01 May 2021 02:22:46 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d086e64584dfde78dd69376926c0d82acff5ba616e118ef28df874f6779c909d
x-transaction: d3ff6d269a8dbdff
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
594 B 482ms
165ms XHR
text/html 35.223.116.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

8d396d43faf3740c8642481eae1f73a07c5b77b5dc682a49d03afe516a05404b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 01 May 2021 02:22:46 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.opovo.com.br
access-control-max-age: 1728000
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 01 May 2021 02:22:46 GMT

GET
H2 200 _adview_.ad.json Show response
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 0
165 B 171ms
156ms Script
application/octet-stream 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=77836995
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:46 GMT
last-modified: Tue, 11 Oct 2016 11:19:36 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-length: 0
x-cache-status: MISS
content-type: application/octet-stream

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3827330936308599&vrg=2021042701&nw_id=10216148&nslots=26&eid=31060923%2C31060504%2C31060795%2C676982961%2C31060840&pub_url=https%3A%2F%2Fwww.opovo.com.br%2F&qid=CMLB_Le2p_ACFS_Auwgd-VwFCA&iu=%2F10216148%2F20&e=512&ret=728x90&req=970x90%7C728x90%7C970x150%7C728x300%7C970x250&bm=0&efh=1&stk=0&ifi=26

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 7701 80 KB
26 KB 76ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:46 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 May 2021 02:22:46 GMT

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 192 KB
54 KB 64ms
61ms Script
application/javascript 65.9.69.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c760f7c8b1df0176ab56978462904ed5be65ce92e656d07ce8b9405d1fc73972

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rL6mLTlIdhAYlrT3Eo5bYDkD.2hTAkSB
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 11:22:57 GMT
server: AmazonS3
age: 73651
etag: "916a0e617e98df82a5dcec6d97601520"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
date: Fri, 30 Apr 2021 05:55:16 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 54836
x-amz-cf-id: mtzluJWYeaN8-1oXMpJ7TXz9YI4x92XkpmdHdD875gOJbqEfo19kjg==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 10 KB
4 KB 64ms
62ms Script
application/javascript 65.9.69.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f540d433a251ec9e77bd82b69332402f7066de4a30eb669cc994533d2bc968c

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iGCdVNXh8OADIElSgnaZ1aMl0Ytd3ZsV
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 13:16:44 GMT
server: AmazonS3
age: 84790
etag: "5aff0fd316645aa816c25636aa98fd7b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
date: Fri, 30 Apr 2021 02:49:37 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3902
x-amz-cf-id: MOR0p1HbNcSX25Y-yxg-vwOzxH71xT8y6UBZO8tb7TmHUu9oApL_xA==

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BE8B 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 01 May 2021 00:34:05 GMT
expires: Sun, 01 May 2022 00:34:05 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6521
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C09B 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiUJNcruMYPiOPJnt3wO1ip7oBwAAAAA4AeAEAg&bg=!7e6l7qrNAAZLnZBaS507ACkAdvg8Wn3UJHapf_KWqb11w9vs_4AVUbhLxWzrAO2HOWTcVynDqDKyJQIAAAWbUgAAAnRoAQcKAQfZMPcPAXSxy9xRVB1UnlHfsU0jjcS68AOykF62DN1XhXTF15Iw98MkDc81UNPI8NimYjYBhlykmtG8tiXPJWtcRviAXs5dnvd_zR4Dk-OGU9JQd8gYOzchr_4gNzFbMQtmK0zf0ezvtxfuogA8LaYRlXAV7EKdZXqPODnqHwsVmtFLMhX7XnMcoH5P66pnKCxR4H-F8A3YfECub9N_VNuVJmrTp56_lLeVLWL6w4IW1dgfYnHZQ-cjSFMuvAIyrihFOCl3v5lrlMcAsbqymBcg551jyfTTV7xZX0HW7fwPnyKDLEOnyfl6BhAtoGUor-h4SpI6nJvYIhA_jgaZQbjVYt_dYgD2TpkCbuqoVXbit_t_ZOMx06iEaCsGLdjy13TaOpbIxePNrmI_eNufCyfMXccn_lYQ_UJljZSAGx5WLmEWyWgZnySDyNUizjplKG1qkn8ZGYcEnkZY0UyJvUY9dpQf9s1HLXoIOe7R7pvgi1jSTCZJ_VhcIGd8I1QRsOR_KK4cOU-DFGujYl9d_0ZvVjYRu3opNVvYDKTda_rGzYYIilh-evmJihBsZing-aAvQ0KoArfij7cmh_NTsbZdUuCgd3BFs7ttETJoRThZrm23dpko9PogVSTmSLk48Wp8mIgsMW9G3zcqVP8mk6PajfIHRy7ohKFR7ZRMFOMUPG95DTOwgIuWCZXi0IAJDizppl6uVSpCFTwtumyQFguUdAa5RUgslCtbut1OrOgVjEP9E_oD0OD-7h-EduqUkV-FQbqzb01R4hRkulbmiQV1YyZEC4UOxDKKYP70MePp78zjY-7j9orJ0uOFbfXs3sUd3Q19yYu-9Rdvlbs2tPU4nW228KplZ9bFK7EhlsTuV3S0RiCbWJkdOyZ9S_aw1nCm4xlL8nD0L59tpz_pFkWCJrNeYbJ4aHtrG1Jywl0eycY0tfKARNEd_6y3pjUyBur9J_w-V_5LS2RSPXfmIhGHTR2m_S-MtCc4zzNNN4oXZIkGiT8APM-0P8RJ2AwkngEL2X8U_L8xyb6QCM_OvhcJbCitdFdNoUtuEr0bVMLClvlv-T4WDr5OBmkDygRwOoRXWUOscaOw20hcWS_D1epqRuoCo3WR_vwfXl3CRXeS8ASSxr6vdyuzIfVuhxAfWIekSkC-dzu7KYL6Ud91-orSZ7IR4ji4S8E

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6737 0
150 B 410ms
121ms Document
text/html 2620:100:a005::d
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.opovo.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::d , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.opovo.com.br
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1569
date: Sat, 01 May 2021 02:22:46 GMT
content-length: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame 7701 0
146 B 61ms
60ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.opovo.com.br
date: Sat, 01 May 2021 02:22:46 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 7701 80 KB
26 KB 92ms
43ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 02:22:46 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 May 2021 02:22:46 GMT

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
79 B 784ms
152ms XHR
application/json 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://popups.rdstation.com.br/popup/show.json?account_id=86280&uniq=_iu04dxi4n&ref=aHR0cHM6Ly93d3cub3Bvdm8uY29tLmJyLw%3D%3D
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 01 May 2021 02:22:47 GMT
content-length: 13
content-type: application/json

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E7F0 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5BfmoxEPbAk9FQAtGiaUyOxuzaTJpJU-urXnqXTcpgA5zTQeHJ8-9_ChZUeRbTzrZo47flGkS4KZQIJVCv1GewkpxRZOoysQWJRC5kFo&sig=Cg0ArKJSzJNh4OTU3HDPEAE&id=lidar2&mcvt=1025&p=195,436,285,1164&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2678070680&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619835761202&dlt=0&rpt=1427&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js Show response
pagead2.googlesyndication.com/bg/ Frame BE8B 14 KB
6 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 23:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 12081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
expires: Sat, 30 Apr 2022 23:01:26 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7701 0
20 B 42ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042701&jk=2540861801181837&bg=!0tGl0ZXNAAZLnZBaS507ACkAdvg8Ws2A3BRnrUyGEmzKJRGGh5AmTDRKPnOPxynkO9mS0q3LWX5fAAIAAAedUgAAABxoAQeZAmbIpiGMJJSs59oT1sKzUWBcrCsqTcsgbftmpN1gw3WVOaBEL8AMhqAHpaLDeLomkiHvEIoL8G27CuQQKwBW8kV_ZDBdLIQjwbNGNdW4y_Yf4IN6wkb2en9QQcwUtW5SooAlQ16cnXKpTqE89uFYW9hM1W0_aTYr7iIhWjcraXGE7KHlLVxv7hNwPvyGNPVhA_k5tPYrcMK_j29QBO0ao-wYOl2I3CViorGkulJm2Lhga-qMbrRrZ1WJURgfrIYbH_MuIxPgnQ1Kv9YbAUMAaPiJ824vQfP_F7gHhl0ANpHOWywWusjYMGtDmFgN7NANz4KpvxRbg4jwHsqpLe6dX9pkMzjaPSqLSA5a66qtWEJYsN8WBII0h-qDivLRKBPFrg1VUu9lyYUcAbH7dZcRmS8vJ5zOtSYKB8Bz4Dycf1oDgq4uGiSXkf8f-JQFOfHMHaOWLCnCTSv8H99SVgvN8akm5N_5Mr0zhI_CmeqwUPFnlvUgZW8kC4mzW7jGIRB98nuoS3vC4VT_vgM2r-ZPHEye_Lo6LD9fhgQrBkEh1kwtQWPR_7_apUlXOu7hbfYW_-W59tHKFoYgqPQQC4-1xhevSZVj7fOewEeBcfjcgiHiwixuG2Lve-nONHDdTSWqBJzM2Oi7XytclE2g6IpiyY3BIu29AHGqGCcghRCIBaKGn3bXdXLJ1C3fa9FFquIf9w2YGng5QXm_TaHgLp5nj_MkoHymflhDB0pNEMzFLkW8Gpi336rcQDDy7arFQV1xJO88O5kIEd5FAOTK7haYrzcEzCWSOOvH2S7Lknn4e4EaEvd0kv_YYA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042701&jk=3827330936308599&bg=!x8SlxIDNAAZLnZBaS507ACkAdvg8Wo6wWBklVjOUu6RBLBiUfsNkkpoMWJKmu-_e3AVP35ZUvMemtgIAAAIXUgAAABdoAQcKAIyI1wuV9rOEs-O661g-cNGTKve2foottV2GxnpYlXNuqtKbwn6FDdIGNPnrvaLLdIykjmFgWJgapdsTyANmLQZYhredFn2T6FUkt868nxGXANS8ePPI9Iyv2c76azd7deGYHq5kkxd0NFAH2O0LdgEd07eaMOr9hquiVKp0HyD9REHwZLwC44Yck7U_HZkCPmSyiVK49ZCIh2r3zEr9ZHtvHwG2Lr7e1E5TjDseqiuiD1Go2ZbAOAv55ij-SbSyAbqlsnc1y2yl8evBlgylbZSgPPvORC6I8CXi7RJIGvJHWgdILTh6DkO6KZOEWPNolFUfrFDThy3cBBl_Qwf9LPpFJWKhJBtq9c5TkzrOQyXdIymE8KaQQ07v6KTXkMmX_RHu1crCaEgcdbhx3VxYX6Dc3yxZbKti-03F6oUoeVC2O37ZrA97ZLLog50pGEsOyJZ-q6GB2a7KDb32_CXqPJ5gvBkP8THdNb7ceIMNNSsLiOR1uampmnoXeV89a2lJmdOdKnp3HV4Ia0UPH4PvAy3kq7iQgdgZZ0KfixN5yZbHXHRmguttilimsMMf2iXLl875ilfPyf-OyA7iPuYEOwbjQjcbtCQaQ3gV6KMQz3mDTAu2FWkP2gvYfzL2078pFp4jSuujJWY5AZwMuX8A2hbTRtFxBjhjqaTxX9Nu6afM3WN19-pIC9wiohs-3Iqp59zBxG9l5A8z2qEfAO3FSalRdVykS_ACym6iM26dQ0Ua_oy0I6vlICuULcLvzGjISTVPuiyNcxZMUSfTuGtXmhHjh__S0IPfY930KPL7h136pbSlDcQhBXxUuBRcNtBcla4bmKP1uUSM-2wstSMp3EuIxLSuob6xqrLCnk7PoPtMxOkdRFUAyhexeIhJl-sbsnBE8KxF1sF9Rk4PZq2RT3OsyWLNreXzaoJX_1PzKbji4BDd-qY1YxgffXRXOgA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 May 2021 02:22:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.opovo.com.br/	1970-01-19 17:57:17	Name: ___ws_d_st Value: {}
www.opovo.com.br/	1970-01-19 17:57:17	Name: ortcsession-w5tlOg Value: e3cc0617b7fb58b1
www.opovo.com.br/	1969-12-31 23:59:59	Name: ortcsession-w5tlOg-s Value: e3cc0617b7fb58b1

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js(Line 6) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:40 AM) version 1.6.4
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:40 AM) loading dep https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
console-api	log	URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter(Line 3) Message: %cnobeta%c formats alert,preparagraph color: darkslategray; background-color: sandybrown; padding:1px 3px; border-radius: 3px; margin-right: 7px
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:42 AM) UOLTEGeoLoc callback EU,DE,, undefined
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:42 AM) script loaded successfully: https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:42 AM) loading config file
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js(Line 1) Message: LeadTracking initialized
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js(Line 1) Message: TrafficSourceCookie initialized
console-api	log	URL: https://www.opovo.com.br/(Line 2183) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2183) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2183) Message: banner não visivel
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:43 AM) config updated: [object Object]
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:43 AM) ticker is inactive
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:43 AM) destroying websocket connection
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (4:22:43 AM) script loaded successfully: https://noticias.uol.com.br/eleicoes/2020/apuracao/service/index.html?loadComponent=projects/election-2020/election-2020-config&data={"jsonp":true,"config":"ticker"}
console-api	log	URL: https://www.opovo.com.br/(Line 2183) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2183) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2183) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2260) Message: Service worker registered. https://www.opovo.com.br/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58e2acf83643c74b737b9701b15829f6.safeframe.googlesyndication.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
adservice.google.se
ajax.googleapis.com
analytics.twitter.com
api.nobeta.com.br
bidder.criteo.com
c.jsuol.com.br
cdn.contentspread.net
cdn.webspectator.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d335luupugsy2.cloudfront.net
dded0ea8d601b401f22c729449f96780.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
forms.rdstation.com.br
geoip.canais.uol.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900012.redintelligence.net
hal90006.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
mcasproxy.azureedge.net
msgws.webspectator.com
noticias.uol.com.br
opovo.com.br
opovo.com.br.eu2.cas.ms
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
pixel.quantserve.com
popups.rdstation.com.br
prebid-us.creativecdn.com
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.navdmp.com
tpc.googlesyndication.com
vars.hotjar.com
webservices.webspectator.com
wfpscripts.webspectator.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.opovo.com.br
104.244.42.131
104.244.42.133
13.224.106.12
13.224.106.54
138.201.63.116
138.201.63.150
138.201.63.164
142.250.185.194
142.250.186.66
178.250.0.165
185.184.10.30
188.138.33.34
199.232.136.157
2.18.234.21
2600:9000:20c8:ba00:1f:f9d:b880:93a1
2600:9000:20c8:cc00:6:44e3:f8c0:93a1
2600:9000:2104:5e00:12:c12e:4e80:93a1
2600:9000:2104:e200:5:2362:a880:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:3033::6815:3a6d
2606:4700:3033::ac43:cb93
2606:4700::6810:125e
2606:4700::6810:ef3
2620:100:a005::d
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9c
2a02:2638::3
2a02:26f0:1700:d::1737:6e8f
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
34.228.251.145
34.234.140.75
34.68.90.188
35.223.116.65
35.244.156.216
37.252.173.62
52.1.252.251
52.157.233.49
65.9.69.197
65.9.84.103
65.9.84.52
94.130.102.164
017ee2612ecc9b8246c951158c0982c263679899b0bb803a101d06e5be06151d
02351b56ec88ccac51670628017be0fa6e33f08521735b4ec5dda988183cc967
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
0632c96b83e70afbacee4a70ff9670587dcaf08d59af6a9d93312bbf77637a75
090e68adead733e6c4f72552fe5d5808ea5ae87d937ed40de5a3ad72284ae1b6
094f185cfcb993d51c2047ca1ba82e1b4609fac9cdec41a4c464c55e5c4bef1f
09a03c083501f18899598fa726c83a77d0105aedcfa76b9aa88ebaa811dff0fd
09a9f142c7f1a54139341e744a94a0f68b49d46faa6e6f984736783c630674f2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bba4ee8766e7683a421df6e1c097c303b940d05b3f8139a01bc0ec910d9b6c8
0c6f5ba88cad1d6fef6754b17eff1abfb532089184774d12678b8ce6dccb04f1
0c97bbefa216e0bc391d8c386a457a9b8a52d3b53d1d01ed1ef832d0fd783fdf
0dade69e79b2a778195412944100f6fc1cf02d9880b00ce4848c66de0408548b
0e6a8af98d6fbff175f0a9521f1f9c92a045df3040dff49955b8a7ab6705806b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11cf5c1245d3c47555619c67ceb9ae543a7e8c56346e007147e1671652abbedc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15273ff1ac56f84eebc440688d39df383582d67ab9970a5ee5f2ed3ecdff2ba8
16b3fdf7132afb85d663fd4bc49a66d6b864a8f6dbfe8e861908b6395207979e
19c6350cc772c351bbeef48b5faddfb34239ea9942ffb9567e35a7dd64001303
1b2fc79536c8ab2f98419ead1cc323c8945371c6e5019ed79f593e877d48a8ab
1cbe8a6f452d3d2a87f60e32668acdaab4e62e50b2ee0b8050d3b3828775f61f
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
1f540d433a251ec9e77bd82b69332402f7066de4a30eb669cc994533d2bc968c
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
22324e2d97060bb46edc8f9dfe4d115755c59e7272c4cde9aa0e0455cc194392
23addc956464503578d051fa820a2c4529f2291dca055b2d62b054bb81cf8f88
24ca58bf23e819a415daa325aa0e3a6ad83bc86395468c9ca0c240ecacf2cbc6
253f1f0c1d70dc321e68bdbdb2a8b23cc01a84e6fe39de1129037a76ed576113
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
2b7ac24fc14f0e3646d4c3e1cecfdf596cf3dbae1e5fcdc43239a1b69585bbe7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d6ff70d2b7dbbf999cd7817983d70b7a40bb33d63d3b663beb2e4386d4acbd1
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
2ed1ec2ced5d9d4342f5db0ee37f37557f6772de952e3182879cb61ae89f9986
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
3260ada7a202c54ba790f33e3252c611357eab584bec55f788a13a4e9d861e5b
329ed7a7f4a9b8f4d59c51c09725dd2e70c22a3e2ee3eefe8cbd7ff696935e8c
3448a86642977e26e8616b60918559d4360d4532916556e8b32c82997e10d658
393ed14dbc9670a60c03fc5961a5bc71676a8f63126e78a6f7476f291b3fe2c8
3a7f9d45bc863311414e1e9d616079ac1516a9043d4148d75ddf2483ab99b53d
3ea8150cacd7d55a155afb7d49e6389adff767a73bf099e67e95e6c516871150
40ab42fd2738b6f7e360ecbcf60ed7c532d75e944e85a009a3397f4d7a67c10f
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
43a07afa251885987480611f7a5f76c48949eb6556122ccffc2c6de6cb558707
45299f368e6389142d9524d0848c3b9077e7b8f0547db564bba9658d55972698
45a70c9799daf3ef74ecf4e75565d09ca038a83e37eced0ab40ed441248f40e0
45e1a1aa627c41278bca61277e00d2c586b199690f7cd3a638d6f52d94167b31
46c215f52699ed6cac2276f46c5b27ba257a6651d432f0b0b299d6d73fb2d6b7
47b4692dfccb38aa3b791b809c6475ccf144079687c9d9569849b93af6d03c89
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48e8ee1961d403f2eed8b493c75fc816d4a85630a3b3d2bc13b4b7d6a1a3da5c
48eca44b7d480b8ea047f020f2f08763b3e4bbfab06fabf96f0e9f241a75f0a9
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c810c8e1ed2599c52f199db4b84574949c268f3b1c6ce0aebfc02d61b140ae3
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4f3e883baafd0aa9d5f7e1ba2b49d6a9c458e2085bc0575d00a31d5bde3e5ac5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506e66300b9f080eabbe30de08477930bb4c7327da5f6b26b02dfaf167b6451c
50c133dc299d71b3a0d1e9376696173623c1380eca53c52367f69af4a2a0d9dc
52ecb1bb746a09526edf118c79dd612045a3e411317ec429a3ad440475f79101
54f93e9c10e60babfaaa671b990efaf804977c25a6de037d725376a240126d3d
55c357602ca06d0f50246880e2594b175c3ac470110ed13ea8336e149d78e2de
56fa03af190ddd1ae7399eaf140a542faec293fb51b9158e68a7306200148598
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
590ec95ca64876fc843f5cced8e05e5c5d42c72da01c2fe586dc78128950457b
594daf03c1101103eddb292d1d583d676128ce34437974d935d36cd13105b2be
5b12485ab2d80c50e837d3a09156c212875a15d25158cbc3e1d8ad0998ace10b
5ba7fd787c02199e104993472f1cb118b9c77d4db60f3b85149d941d496dc2f8
5d6c79f8dcdd964c0067229826bd38e6fd0cc6d224d4f0897bc0b89c6917dbb8
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
6431a993d0885822b9d745157eda00ef2795b5f7fd299e95ee7313391007638a
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
6611f7c007adba860a0f02c9836b9bf051b95f6f952aaa8e15e8e6988c11428a
66abde583fcbdaf5577eff79a758d6234ccef54dcdb686ddc674ea82008449a5
67f308c82c94beab0f19774ad46800bf75374459d800718fc2684c3fedd5a639
6814ecdebcaa88ba8983e8167b226708910d9a234adabd105348317ba4d75a1f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
687665094c49c3e82194d2a917df5fd2f4144a3ff5ebadeffafd1de1bd6d825f
6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6
69de99231158e36ac4ce5d52a93af7a1574a4f79a8fd79b0d21b49d85105c3a6
6a9acbcad0c40a7aee5418d4a5db41f265247746e7ac82d60591375b27f81aaf
6d08c859f30409cd456b3e543cb212bc47efce261e3a88181be9d876541fc76f
6dd8c3796600c28cb55f80e3b365e818144fc506624f1825538091e7eab9f15a
6f3ed2e08a43cbdaa2c32f0dca58bf95277a89e2b857399ad11d4e0fb656673b
70f9dd3398ae47c4a8aa91ae9405e0190099984b28f35115da7d2d0e70450a97
72c2b84424cf08a672b5ebb8a1aa2958aaa86e26cebf74e6b933ee8df684c413
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7323a82847be2df6a9510ec0ddcedebeb02b019f5ee092cd2da501ee094ad02c
74263999d6480ed2829a1de981c552714ad2a9020305c60233671db5fd14135b
79e7384be3ec1e42038e5e414d62684acee8a12c0be98fd8b4ccb480d20c9435
7a2a66b0c0a553bfed64222bca5779b048a8036ae5ebfa2b3a5a0509ef4a24c1
7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4
7bd822e612a9671c3105c5aeffccbc836004b4fb2b1fb703471de1cf8dfa3973
7bdb6f8aa5a7bc7d329c8ef830a1ed2c19194e59d91b3316192aae5ffbc4cfe5
7bfc998b6b2333e071601dbff62e890651f439e66179d3eb000241eefb17d85c
7cbedaf4d01c2b49cf1eab36979755222f1525f7424ff2b03a98b83830301288
7cc27093a7206bc10971963a8ce40453a4f0c6a01754559009c6f00cb3498d65
7dfe3f3ef0f6fc918e3a2cc63c32dbba6bac0912525f92f868784e7df2d9695d
7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
818ec7e02e904eab6a9638557e17c3df7a981788dea3378baec71818df4aaf66
82e7822c35cdcf0e2ac5552f0ca767aed13b2cbf54d914ad8233c6b524ea85af
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e0eddb17a8074caa3d6e6a84c220130e9d0827bcc024ec5cc7a54b820c83c2
8634980ac739ed5d42e29db2fa908325d12c57b6eaab2ce0a4f6ee49639884f9
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
885ebfc33b635a210faf10a830b985c16122e5fcec3e4638eca96755a3069af4
88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71
8938c6b87446f08d0a7f530f2ea3ac840374ca40d79166f6ecaadfa9b9db407b
8969f0b1ac45e954bb9a37399960566ffb09e578561cbbef980c07a11a84bb90
8a376f672c12525ddb21faadbf8f4b31422c99bd44b16c723d018b7ff7e2a5dd
8a45590a3bf9f39d72dd53301f9897396f2dfb19dc1d38f0beabc965c8351a2b
8a5d5b04058d52772fc46f83376da4139e4b135d4c73ae262a19faac21860678
8a8f27d5f642fbfe0360dd006fe85893f660355b21fa662e47a9a5e690f0bce2
8d396d43faf3740c8642481eae1f73a07c5b77b5dc682a49d03afe516a05404b
90ecb403f0b6aab877e0adadfa636d9c8da705b989bbc7fd139a772a505c2f7a
9197f7576ef57637c5e474669fd48214472afadac777b047225ce6ca48cf41cf
9298f88a525ce9829ebe9ba4cf4692da2f12b278579999aa9453ed570b02b4a0
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
9498b4cdfd5c5d5256e26214ca3280431d42a5f2635c6d52f688125defe573d4
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
981c077fa1e3bd21045f0a7087e0847a9d3af7d5aff9101aad7a20b6b4150adf
98d74970717c82f642c4388632e8853522c1e16f36190cc9b2aa3f06a9bd776b
9947811e593019b2a43bf841a97e04207fec2882cd3fa5c1a541530b234622ce
9b41b48a3d15971ea519172e34c9119773e1ae2cd958aedd72ae3562a3a2c62d
9c68dc10b5c3627a75af30a5208dabf36afb0d78a6b9a61b59fe10f502d55f94
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6709016dd2b93604284c2125b0b3859f14235bec1b914a07a21f0f810dddaca
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa31782ed405b9ccd6346df847c07d2472e32b07c2708b6d0e40af4f5d34964f
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
ab4cfa8e3a6b5091dab6593c97370f5faf9cb7abdcce38f5ecb7519533092352
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae912f9e546b734b322ebea9f81127f635b99f381c9a15c0430ff8274c5faf5a
b008731a86ba82dd977825f31b0ba566fd3c693897d3928690cc2582a6f9063b
b03b44c6b400fac519d88ade3058e23c041edcff0494789275a4afb79f717e06
b14108e25edfa81b17888975728e2d284650900547552a3b445b3d216976a327
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b189032385a359789e75691b6fa6314c08e56f76b9ed237ce625b79837e90139
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b66d71d6aae196d29c48d01b0efec55441631db3554faa1c8d8b62d15b9ab31b
b680ed5f77f73441fec0059df10a170e46468b01bcf61f8b696af8996c9d06a9
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
bbe9772d95cbe28e814b4e2106f9d42eb1e711d209707c73d36fe754465b7387
be3a5c3e0b3ccf1f7a887960356fbded0e0095c214e28abe0b79f0514157c3ad
c496f2bc7c2632cd59364758ace61153379b955f9fbffc7708c00c954dfb0b15
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f58395f1404bd66a6685d12bf19baf7d6f340ad331b3388f5bf6f0cc463db7
c760f7c8b1df0176ab56978462904ed5be65ce92e656d07ce8b9405d1fc73972
c9a4207edcbcbd498a5bc802056baa383b747804aa8c4809e4ebf5cd84fc5650
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb7ef62603ce68e806e9f3f9fd2312c388263059871b9d0e690231ebf4256e07
cdcaa2d38761377a1decd505ea1baae665e6c61f77109405b75e007aec150e87
cec172b03220fd92a2c023bd96f5cc3e8b24e022496a91d01ca95ea5f8bdc3f9
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d48f5f637187fe83bff6165783efb3dac15cb3d10ba166d92f37312dba9a4ad7
d4f8409746644e557484286fb9c538b6910a640acee551777703106a017bddd6
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d74e57a16f307dccbaa3dd0bfcd61d6228c5683e9728266379672b2611f3ac6c
d7aad6d57a8b5b8dd0ebd20c4d9f7907ec9fd6acdc52c68bf2ce10a5973a170c
d801970d7e3afd7312616bd6285d75c8e2652138458fbdafeb8f712b29aa677f
da003110565090cd4f205639da01e39843f1a00623f7bd8777709cb384c217eb
dc9c127f48bb67af3a8bbe1344f02e911c0d3f665c90a4aa73bfcea8f98dfa00
dcbba1eedff5c9424c8a6457689602c7bb9b53a616b76c6f25fe7f877f225e1e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df73b88229efee147afd8afd6cfb635b22a5b296713d4f2e8602be78aeeefd4a
e18441c7811abba1194a8130a3ec786d24b4a9d8ae6e8486147e47856b5ca0d1
e1e776b76de2f3c5d26073ae5f6bf1b9d1a32a7e94c1df92fef491d7e6f6df59
e2121d2e43da18179a9a66cd77212546662297925068bf7004095d1c3ca7d659
e25ce31806de1eee3a851d1bc47e269def862c12fc7a6150f08c579f86f71014
e297d2a4a7c91c0c992231230f895c4e6c90b5b37f06a73e846d85c697fd088a
e38bde1558dc1aa519bdb7d0103a707bc04ea367f48ac21bb86a0f5db2d972df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43467ea5d461a0509fc8b4f4fc544fc0fe66d4caaa9004b830a2c589466601a
e555478d721db554d486dc7c2ae2d3f4add3ab554cc81edb702d7f797da132d1
e6f9382b5040d405ee77c09656640adcb5be12733d80e4b380e59ac3d2b3c7e3
e75a413792a564fbd4e4e757739891d028132351c4b60e5626c56e5e0cb2b4f1
e7f1bce8aa82599a816a5acd2ee3885209fdf761e313af46f895cbc724d8ce52
ec5798bb1c919cfafcd77c32cf82c4c6bb8c78b1b894a60a0c84871dad1d4765
ee28d55f07003a9e83e501d53f2d8e7b31f636643b67fed0d879d668d434a421
ee6cb4314895ff8d6155df2f707fe81c2d51ad736a24f96bd81b772590d060ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
ef82d21f259fcab1c14752fd5b4890ba9ec3ff99dfd9a26cbbfd21d92f3720b0
f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9
f0f8832a07c6d150b1e679d807e16734655e3dd45483b601b99fe5fdca25d22b
f161a608df85cf53234c14399e0e6f7ddcebd81d39e23c542dd33f13d8e398d8
f1716dc321cf1b6c26b7f76578898c3861ba39fe99dc512f3c26d64c7a84bb69
f20026aa84c648fe8d0c406c01f503a37037ed007a4f63279abdd27fb8e69614
f2109387be706d5e1a60a467a0af84c418fb7e5ff3e8d1bc47aaf42975ca7507
f620455f0a97e5a0372834ccbe4109d656a04db3fe989b4f59178b09aeceb5a9
f86c5f6541755bcc63cab085cae7679be3583e6afefe5e336f977f4a8f5a59f4
f8b1c5a373fca26dcc0316bbe8800c84c7e91628930a9fa70ad4769612700e6c
f9e4d81a96976cb41f5afacd1baa70f7b2cb5fcfbf3dccad20d27b776bd491b8
fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713
fcd58751f30f474057be525bb6f45f04bf0797dcc6397f00325900483496cd54
ffd3ebc4f4b8632daa70fcabfc113a813769ba38e0dce48763b9c6fed713c4b8

www.opovo.com.br Open in urlscan Pro 2606:4700:3033::ac43:cb93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

314 Requests

100 %HTTPS

57 %IPv6

41 Domains

64 Subdomains

62 IPs

6 Countries

3033 kBTransfer

7081 kBSize

3 Cookies

101 Outgoing links

Page URL History

Redirected requests

314 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.opovo.com.br Open in urlscan Pro
2606:4700:3033::ac43:cb93 Public Scan

Screenshot
Live screenshot

Full Image

314
Requests

100 %
HTTPS

57 %
IPv6

41
Domains

64
Subdomains

62
IPs

6
Countries

3033 kB
Transfer

7081 kB
Size

3
Cookies

314 HTTP transactions
11 data transactions