diariodonordeste.verdesmares.com.br Open in urlscan Pro
200.233.65.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://diariodonordeste.verdesmares.com.br/
Effective URL:
https://diariodonordeste.verdesmares.com.br/
Submission Tags: falconsandbox
Submission: On August 12 via api (August 12th 2022, 8:09:15 am UTC) from US — Scanned from DE

Summary HTTP 291 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 64 IPs in 10 countries across 47 domains to perform 291 HTTP transactions. The main IP is 200.233.65.3, located in Brazil and belongs to SECRELNET INFORMATICA LTDA, BR. The main domain is diariodonordeste.verdesmares.com.br. The Cisco Umbrella rank of the primary domain is 258680.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 17th 2022. Valid for: a year.

This is the only time diariodonordeste.verdesmares.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 57	200.233.65.3 200.233.65.3	11921 (SECRELNET...) (SECRELNET INFORMATICA LTDA)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700::68... 2606:4700::6810:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
6	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
18	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	151.101.2.207 151.101.2.207	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:4a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	188.40.92.96 188.40.92.96	24940 (HETZNER-AS) (HETZNER-AS)
1	151.101.66.207 151.101.66.207	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.32.210.226 178.32.210.226	16276 (OVH) (OVH)
1 5	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.155.185.156 54.155.185.156	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.157.139.2 35.157.139.2	16509 (AMAZON-02) (AMAZON-02)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
9 14	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.95.118.179 52.95.118.179	16509 (AMAZON-02) (AMAZON-02)
1 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:ab6e:8189:a819:79f3	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	184.51.9.184 184.51.9.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	162.19.80.92 162.19.80.92	16276 (OVH) (OVH)
2 2	52.30.61.76 52.30.61.76	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.214.253.121 52.214.253.121	16509 (AMAZON-02) (AMAZON-02)
2 2	54.216.133.37 54.216.133.37	16509 (AMAZON-02) (AMAZON-02)
1 1	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
291	64

57 200.233.65.3 (Brazil) 1 redirects

ASN11921 (SECRELNET INFORMATICA LTDA, BR)

diariodonordeste.verdesmares.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nr-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-39.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.207 (United States)

ASN54113 (FASTLY, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a15 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.40.92.96 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl03.k8s.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.207 (United States)

ASN54113 (FASTLY, US)

flowcards.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.83.142.19 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.185.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.139.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-139-2.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.66 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.118.179 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:ab6e:8189:a819:79f3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.184 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-184.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.61.76 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-61-76.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.253.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-253-121.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.133.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-133-37.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.101 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.89 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	verdesmares.com.br 1 redirects diariodonordeste.verdesmares.com.br — Cisco Umbrella Rank: 258680	2 MB
49	googlesyndication.com 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	795 KB
46	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	365 KB
25	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	366 KB
13	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 21578 usr.navdmp.com — Cisco Umbrella Rank: 25498 cdn.navdmp.com — Cisco Umbrella Rank: 5528 sync2.navdmp.com — Cisco Umbrella Rank: 44246 sync.navdmp.com — Cisco Umbrella Rank: 8346	8 KB
10	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 707 pixel.rubiconproject.com — Cisco Umbrella Rank: 326	14 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	9 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 c2.taboola.com — Cisco Umbrella Rank: 8113 nr-events.taboola.com — Cisco Umbrella Rank: 9459 trc-events.taboola.com — Cisco Umbrella Rank: 1491 trc.taboola.com — Cisco Umbrella Rank: 653	189 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 acdn.adnxs.com — Cisco Umbrella Rank: 584 secure.adnxs.com — Cisco Umbrella Rank: 462	23 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	143 KB
6	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 13114	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	244 KB
5	teads.tv sync.teads.tv — Cisco Umbrella Rank: 921 a.teads.tv — Cisco Umbrella Rank: 1232 at.teads.tv — Cisco Umbrella Rank: 3959 s8t.teads.tv — Cisco Umbrella Rank: 2781	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
5	yahoo.com 3 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 774 ups.analytics.yahoo.com — Cisco Umbrella Rank: 277 ads.yahoo.com — Cisco Umbrella Rank: 2334 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	2 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 516	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	207 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3235 onesignal.com — Cisco Umbrella Rank: 1193	82 KB
3	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264	2 KB
3	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1522 sync.smartadserver.com — Cisco Umbrella Rank: 1530	2 KB
3	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 221021	136 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 145	3 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 728	548 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 623	598 B
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 2757	439 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	529 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	56 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 396	418 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8117 www.google.de — Cisco Umbrella Rank: 5596	1 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 792	382 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 652 eb2.3lift.com — Cisco Umbrella Rank: 411	660 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2580	24 KB
2	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 16608 flowcards.mrf.io — Cisco Umbrella Rank: 17009	23 KB
2	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3204	29 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 878	5 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	36 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 502	336 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 508	227 B
1	dyntrk.com gu.dyntrk.com — Cisco Umbrella Rank: 1344	394 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 611	98 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 968	609 B
1	360yield.com ice.360yield.com — Cisco Umbrella Rank: 1825	327 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
291	47

	Domain	Requested by
57	diariodonordeste.verdesmares.com.br	1 redirects diariodonordeste.verdesmares.com.br
25	s0.2mdn.net	diariodonordeste.verdesmares.com.br s0.2mdn.net 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
24	tpc.googlesyndication.com	90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net diariodonordeste.verdesmares.com.br
21	pagead2.googlesyndication.com	90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
18	securepubads.g.doubleclick.net	www.googletagservices.com tags.premiumads.com.br securepubads.g.doubleclick.net diariodonordeste.verdesmares.com.br
14	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com diariodonordeste.verdesmares.com.br
7	www.google.com	1 redirects diariodonordeste.verdesmares.com.br tpc.googlesyndication.com securepubads.g.doubleclick.net 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
7	cdn.ampproject.org	diariodonordeste.verdesmares.com.br securepubads.g.doubleclick.net
6	googleads4.g.doubleclick.net	diariodonordeste.verdesmares.com.br
6	events.newsroom.bi	sdk.mrf.io
6	www.googletagservices.com	diariodonordeste.verdesmares.com.br 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	sync.navdmp.com	diariodonordeste.verdesmares.com.br
5	ib.adnxs.com	1 redirects tags.premiumads.com.br googleads.g.doubleclick.net acdn.adnxs.com
4	token.rubiconproject.com	4 redirects
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	gum.criteo.com	2 redirects static.criteo.net
4	90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagmanager.com	diariodonordeste.verdesmares.com.br www.googletagmanager.com tags.premiumads.com.br
3	pixel.rubiconproject.com	1 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	mug.criteo.com
3	tags.premiumads.com.br	www.googletagmanager.com tags.premiumads.com.br diariodonordeste.verdesmares.com.br
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	sb.scorecardresearch.com	cdn.taboola.com diariodonordeste.verdesmares.com.br
3	tag.navdmp.com	diariodonordeste.verdesmares.com.br tag.navdmp.com
2	sync.smartadserver.com	1 redirects
2	dpm.demdex.net	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.sxp.smartclip.net	1 redirects
2	match.adsrvr.org
2	eus.rubiconproject.com	tags.premiumads.com.br eus.rubiconproject.com
2	ups.analytics.yahoo.com	2 redirects
2	static.criteo.net	tags.premiumads.com.br static.criteo.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	cdn.navdmp.com	tag.navdmp.com
2	usr.navdmp.com	tag.navdmp.com
2	onetag-sys.com	tags.premiumads.com.br
2	script.4dex.io	tags.premiumads.com.br script.4dex.io
2	onesignal.com	cdn.onesignal.com
2	trc-events.taboola.com	diariodonordeste.verdesmares.com.br
2	nr-events.taboola.com	c2.taboola.com diariodonordeste.verdesmares.com.br
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.taboola.com	diariodonordeste.verdesmares.com.br cdn.taboola.com
2	unpkg.com	1 redirects diariodonordeste.verdesmares.com.br
2	cdn.onesignal.com	diariodonordeste.verdesmares.com.br cdn.onesignal.com
2	code.jquery.com	diariodonordeste.verdesmares.com.br
1	secure.adnxs.com	1 redirects
1	beacon.krxd.net	tag.navdmp.com
1	trc.taboola.com	tag.navdmp.com
1	tags.bluekai.com	tag.navdmp.com
1	gu.dyntrk.com	tag.navdmp.com
1	s8t.teads.tv
1	at.teads.tv	a.teads.tv
1	a.teads.tv	tags.premiumads.com.br
1	id.rlcdn.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com
1	eb2.3lift.com	tags.premiumads.com.br
1	acdn.adnxs.com	tags.premiumads.com.br
1	cms.analytics.yahoo.com	diariodonordeste.verdesmares.com.br
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	diariodonordeste.verdesmares.com.br
1	www.google.de	diariodonordeste.verdesmares.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	tlx.3lift.com	tags.premiumads.com.br
1	bidder.criteo.com	tags.premiumads.com.br
1	ice.360yield.com	tags.premiumads.com.br
1	fastlane.rubiconproject.com	tags.premiumads.com.br
1	prg.smartadserver.com	tags.premiumads.com.br
1	flowcards.mrf.io	diariodonordeste.verdesmares.com.br
1	sdk.mrf.io	diariodonordeste.verdesmares.com.br
1	c2.taboola.com	diariodonordeste.verdesmares.com.br
1	fonts.googleapis.com	diariodonordeste.verdesmares.com.br
291	81

This site contains links to these domains. Also see Links.

Domain
assine.diariodonordeste.com.br
www.educamaisbrasil.com.br
diariodigital.verdesmares.com.br
api.whatsapp.com
www.instagram.com
www.facebook.com
www.twitter.com
www.youtube.com
midiakit.verdesmares.com.br
privacidade.geq.com.br

Subject Issuer	Validity	Valid
*.verdesmares.com.br Go Daddy Secure Certificate Authority - G2	`2022-01-17` - `2023-01-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
sdk.mrf.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-19` - `2023-02-20`	a year	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.cl03.k8s.mrf.io R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
flowcards.mrf.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-19` - `2023-02-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.dyntrk.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://diariodonordeste.verdesmares.com.br/
Frame ID: 21F8E42C55EF14F4B7BDB8AB426B6653
Requests: 156 HTTP requests in this frame

Frame: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAF980230D6D739D514F5F700E4C7378
Requests: 1 HTTP requests in this frame

Frame: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BF1C43E7201B99AEB26F3628E47B4AAF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWg-KIoHNmtfU1yJkqw_DwpeM76_OziYDSu38rK49GU6giqzU95i38K2VyGLqqNF8qEKMDgGAXicgIROrYfynH4gfQKmHNmh72hULBELbP4W1VAYL0IALDZvtP6iutpTwWhCo27bM-dPDyKLERbIJrdlXA6fJ2C91mNrhDAFK4ACNI5hms
Frame ID: 02FBB9105316794EA9A64F35E9F1E2CE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Frame ID: FBDD19EEE7114EA660A07E6F2DB36BBC
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F3BA4E6E1EF67D0FD50A8B5D480EBAE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCB3FE28C0E434D910A6A02AFF6CE999
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE7972C304D28C7EAA1067A530A749E6
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 876D5AAE5E8AF927E9C35D442DDE07E2
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwUHuIjW2ef1cE0s8t9WfrjCCCb0c0PkilPhp5ot1FqYh0T9uIe5DXdr5KEsFkQfdRpxrXXRCU0qFIH4j_Ki_Rv5IEbrcuplbc77FCZqYjfc37IO3u449wYtbiTqNqiIf3saXZkXImyKTvvFfvWUBXPhMrvMBBAnMSSPMFtfKJEZVsuwI8WINTqlbVPZRq7-W6jQWECGsj3w8GfFXt0V3u400AtEgiiZ5Ks-x02feyzJafWaETJjLWAMfRIOAoXoYFw5lzKlZtVP_C68R1wOu-oJwv4iNMOMNEy6EfOAJjm2qkFiSnDKAykL4-Ul1MjRXTQCgooiVXVFlyy5Q&sai=AMfl-YTie4GyrSvtbCaWXL6yWTBZZIbuQHbVgQMvCMPddH_SgSAbMLpFpH6t7RE_TStPHopsKyqwyHbldRXOS5SR-uZv_xZ4tKzKExREt_0vxd40FNVy-9Lpxg9IG-de3rhHRbA&sig=Cg0ArKJSzE248YuLBPJyEAE&uach_m=[UACH]&adurl=
Frame ID: 6894BA9C2B8B597BCF2794176ABAD900
Requests: 8 HTTP requests in this frame

Frame: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC3FFC1C1C98DFC1D6A0E53DFA4E69BE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYjZbq0AEwAQ&v=APEucNXwQrbl3ktgneK0sSlTiMhXKz_S8-lIbPRG5uQEMKTKm3GwLyN7OcaTsRCTL30sDoCripEFpKn61NEOfQl_9ahsTTY66oqGljHPzL0mJLA997oyZvotLYHkwt2wVsBpifxOQYq7ZNucpUSEJXhYtTnmn0iO8ifYR4fStjbGS05jGe0BHZ4
Frame ID: 4674F6225252741C2CC9B368DBF25CD2
Requests: 5 HTTP requests in this frame

Frame: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8DFAB04A6055332840C422D76FD7234D
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=diariodonordeste.verdesmares.com.br
Frame ID: 6AB8338875D778908615E20542CE17F6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYt5fq0AEwAQ&v=APEucNVH9KKPDN-tywz7Llgp0RGBwRaC5e6WInneE_nPSbtT_zetReBClVyDZ4KzvbRjs1kmUsA_D-pCHpWoAD4N6dhQ8yne93eZYwgpCWqpvYwssxma8uiZ2y42X7EgG_ziwVLrnrsNXNVbEhaEuiyFYlPLa7EIreBryuQ9McgdLxy3YZj9_i4
Frame ID: AE9F04CBBF321E09CA69805A51A1A265
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2A68C885DF1ED7DEA4867F81EA7579D9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6939886865094433283/index.html
Frame ID: 4E82387636D3A33A79BE32E5D69498ED
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2738980368435975814/index.html
Frame ID: 482F93476C6034DE509929A1970FF64D
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYgNCS33tWYtp1SraWrYv2uQgLmD1THujQONsjnX_RPP85cBXZc1U9mROWrV_b0ElSBbFB-pTB8Rz3sDtSsK4ThReB5kcIt7CPKvup_4bPOuZzT3aL4dnrJp2FOkw8AbNy17KTnfMn-Tiqppilc_poGUfrHwcUnF86tTYT6w4Djf8nc55q-pERCfOIA9MkaLAdhTC4F-HRq1y-7ssSixt27cIMR1cSbdpNVURCjIQzAbj_ND979hSTiZeO3fOzpYOHCzN0TMhM6WOv04TMsQUoCPuWSIgwRYL2SYOb5eWMoU1yIApSgtbmAQ4S6iDW9tVDn5QwOilIPIVbTg&sai=AMfl-YQQYGeeDrzfHlXWjZDoJuZrRqoalrN78n5Md9-WZaMIymXP7tfJaqarfrpMFoWPhGu4ILzYeMbyhegLJvO7LnXZSQDpuPJdL-vsvzjWCgOa&sig=Cg0ArKJSzBW8IZRSWZ1jEAE&uach_m=[UACH]&adurl=
Frame ID: 99878B45C1EB1920319265BA7A007CBD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 360279EDE2AB5655BE16C4D57FD66875
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6F0D5EAFC8FDB340B7946C9CD417E568
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1660291746830
Frame ID: 4CE43CC80D4D2709D3C577D0418312CD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FE81AE703C91B3D2CAA319DEBFAC4205
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E79377D2C4DDD42A3E75EA799320481B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Diário do Nordeste - Últimas notícias de Fortaleza, Ceará, Brasil

Page URL History Show full URLs

http://diariodonordeste.verdesmares.com.br/ HTTP 301
https://diariodonordeste.verdesmares.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

291
Requests

91 %
HTTPS

39 %
IPv6

47
Domains

81
Subdomains

64
IPs

10
Countries

4805 kB
Transfer

10800 kB
Size

51
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/acesso-assinante/https://diariodonordeste.verdesmares.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/
Title: Assinar

Search URL Search Domain Scan URL

URL: https://www.educamaisbrasil.com.br/diariodonordeste
Title: Bolsas de Estudo

Search URL Search Domain Scan URL

URL: http://diariodigital.verdesmares.com.br/loginAssinante?utm_source=diariodonordeste-home&utm_medium=referral&utm_campaign=conversao_digital

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/?utm_source=digital&utm_medium=widget&utm_campaign=edicaododia&utm_id=blackdn
Title: Assinar

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=+5585999690752
Title: (85) 99969-0752

Search URL Search Domain Scan URL

URL: https://www.instagram.com/diariodonordeste

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diariodonordeste

Search URL Search Domain Scan URL

URL: https://www.twitter.com/diarioonline

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/diariodonordeste

Search URL Search Domain Scan URL

URL: http://midiakit.verdesmares.com.br/veiculos/diario-do-nordeste
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/
Title: Assine

Search URL Search Domain Scan URL

URL: https://privacidade.geq.com.br/
Title: Portal da Privacidade

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://diariodonordeste.verdesmares.com.br/ HTTP 301
https://diariodonordeste.verdesmares.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=73911051566 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=73911051566&google_tc= HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=73911051566&google_gid=CAESEDndMk6ROqZJVR4LMmgYsp4&google_cver=1

Request Chain 125

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=6a8762f6-0aa3-4a00-902b-439c278e6ebf

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1&C=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvYKoz6xdjM0phSLPgir1AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFtcLGlCZ0UlRLFHTNTC-d0&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYyMDg1NDk3NjE0ODM3MTQ2OA%3D%3D

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJWlz27c-UfDmRjMcAjLK0&google_cver=1

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEHpaDqYKl232NIjmr5RnXJQ&google_cver=1

Request Chain 227

https://gum.criteo.com/sid/json?origin=publishertag&domain=verdesmares.com.br&sn=ChromeSyncframe&so=0&topUrl=diariodonordeste.verdesmares.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wws1sXxEbkZ2cGQ4Mk9DMUNmb2VrT3c2eHlYNG9BQXQyaTgyeWZ4d2VYQ20ybzVxQTdKRitaM0x3THVFSXpGOU1HZHd3a1YzYnBlczNlcWJaU1dqWG8rVzNpbVRlbTF3QjdFQmdGZ2dkd05wb1hrb1lXbnpEK2FTVHVEQnRGTDFuM1IzTHBROTZxUTh0VEVSM2FuMC9JQ1Q0V2FqTzh2bTVKcldsVlB0QjJWVUcrS01GeWd3SGlkSGdPeWNPVmNJK01QeEs4OHI3VjV1Y3p5Q20wZk5YdDNpRXJmanNCdnp3SEI4SXVuODJseFUzU2pKZmJMd29EMklZMXRUTFozR0Flc1EzRjdsNjRzZkRGU1dhcEFoRGVDMGpwQT09fA&cppv=2

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMXq00lEsEJH5rsoVr2Pb5A&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMXq00lEsEJH5rsoVr2Pb5A&google_cver=1&__user_check__=1&sync_id=0b2e010e-1a16-11ed-91ed-19da87bf0306

Request Chain 232

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=0b2dc6ad-1a16-11ed-b95a-10d4c6b20506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGIyZGM2NTYtMWExNi0xMWVkLWI5NWEtMTBkNGM2YjIwNTA2

Request Chain 233

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yaUtDSVQ5RTJ1R3VCZHpsU243cC50b3JsUmlpUV9RYn5B

Request Chain 260

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&domain=diariodonordeste.verdesmares.com.br&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=84uQ6HxDclk4cFZYQS96bm13ODNLdXlveUViZmFYblFUQmZSYm0xMmFwZGNzcDR6djQxS1VuRU9RMFlFdmp6ZkFjdEtuakNRTnYrWjBPa1BjbWxMaCthdEQ2RkVqaVlLeW5BL1ZiVU14aVdtYVFZS3NkTFp3dVZkTFZGelRkNC9TUG1KMlRQaFc1cG1rSUhnR1hSWFlndWM0dkdpemRjOUhUemFVa0dyNjdmRHk2R01YNWFQYUdJZTZRQVBRUW0zVlphR0NmWHE1Z3RNYjFQeXg5UjVFY0xWWU03VGUyUFFwQUloNGo2c25aNFQvMWkxdkNiMFhuTXF6SmtUUlFyWlpzejBrQlFKSkp5UnZONUdUTk5xN1lGZk1xN1d6dlRkMlZQcWxURWR3ekcvUmdacTJnT1JDeHd2Q29kaHVDUVFmUEFKQ3w&cppv=2

Request Chain 270

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMxZDY1MzUzNzBjNjEyZmM2YjE1YjM0MWMzMzlkZTMwMjYyZDg1Nw

Request Chain 271

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DSnWnFKATK-WMdRw4zvwIw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DSnWnFKATK-WMdRw4zvwIw

Request Chain 272

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRNlU2VFotOS00UFZH

Request Chain 273

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q6U6TZ-9-4PVG&sigv=1&esig=2~41baeb1977ecd3b74368e83b2cbda7a3215cfcb0

Request Chain 275

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/uqrLX3up9qnisjxJQylzOw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8657579647801396891

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8H_fETdGPlJYA_8ErR6KA&google_cver=1

Request Chain 286

https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1

Request Chain 287

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=YvYKqAAF1TbtJgAK HTTP 302
https://sync.navdmp.com/sync?prtid=17&tubid=YvYKqAAF1TbtJgAK&_test=YvYKqAAF1TbtJgAK

Request Chain 289

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=73911051566?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=15478/tp=NVEG/tpid=73911051566?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
https://sync.navdmp.com/sync?prtid=38&lotid=

Request Chain 293

https://dpm.demdex.net/ibs:dpid=822&dpuuid=73911051566&redir=https%3A//sync.navdmp.com/sync%3Fid%3D73911051566%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=73911051566&redir=https%3A//sync.navdmp.com/sync%3Fid%3D73911051566%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://sync.navdmp.com/sync?id=73911051566&adID=70288633611647255070108661037370863400&img=1

Request Chain 294

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 302
https://sync.navdmp.com/sync?appNx=1620854976148371468&img=1

Request Chain 296

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

291 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
diariodonordeste.verdesmares.com.br/
Redirect Chain

http://diariodonordeste.verdesmares.com.br/
https://diariodonordeste.verdesmares.com.br/

443 KB
33 KB

472ms
157ms

Document
text/html

200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

71eac38c27969aaadb1f6902412c06de83f41dd0462ef04474e28dd19222c037

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29
cache-control: public, max-age=300, s-maxage=300
content-encoding: gzip
content-length: 33833
content-type: text/html;charset=utf-8
date: Fri, 12 Aug 2022 08:09:05 GMT
expires: Fri, 12 Aug 2022 08:13:37 GMT
server: nginx
x-cache: HIT
x-cache-rule: YES with ttl: 60.000 /
x-cacheable: YES
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 12 Aug 2022 08:09:05 GMT
Location: https://diariodonordeste.verdesmares.com.br/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 07:19:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 12 Aug 2022 08:09:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 200 base.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 2 KB
1 KB 307ms
305ms Stylesheet
text/css 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:05 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /static/assets/styles/base.css?v=1.0.39
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 21
etag: W/"2403-1654852160000"
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
accept-ranges: bytes
content-length: 890

GET
H2 200 components.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 119 KB
19 KB 307ms
306ms Stylesheet
text/css 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/components.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:05 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /static/assets/styles/components.css?v=1.0.39
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 21
etag: W/"121759-1654852160000"
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
accept-ranges: bytes
content-length: 18848

GET
H2 200 light.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 334 B
424 B 309ms
308ms Stylesheet
text/css 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/light.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:05 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /static/assets/styles/themes/light.css?v=1.0.39
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 21
etag: W/"334-1654852160000"
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
accept-ranges: bytes
content-length: 149

GET
H2 200 diario.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 14 KB
2 KB 308ms
307ms Stylesheet
text/css 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/diario.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

38fc116785ae25f52631e992255d5c67cc26dc621e998e6301b9b66ad48435e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:05 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /static/assets/styles/themes/diario.css?v=1.0.39
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 21
etag: W/"14542-1654852160000"
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
accept-ranges: bytes
content-length: 2011

GET
H2 200 main.css
diariodonordeste.verdesmares.com.br/static/morpheus-ui/dist/ 20 KB
5 KB 308ms
307ms Stylesheet
text/css 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/morpheus-ui/dist/main.css?v=0.0.9

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

c5e5710156c081fbd83804f28d6d3e89bab8ff259c4ef33b45808132432bf36f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:05 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /static/morpheus-ui/dist/main.css?v=0.0.9
last-modified: Thu, 30 Jun 2022 04:53:28 GMT
server: nginx
age: 43
etag: W/"20628-1656564808000"
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
accept-ranges: bytes
content-length: 4519

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 168ms
48ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a572a02ec8455db2071db3f529ebb9ef017d26bb3db70cd1ff4301f62c0192c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28685
x-xss-protection: 0
server: sffe
etag: "1301 / 80 of 1000 / last-modified: 1660255544"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 200 p_googletag.js Show response
diariodonordeste.verdesmares.com.br/static/assets/scripts/ 2 KB
1 KB 309ms
308ms Script
application/javascript 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/scripts/p_googletag.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:05 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /static/assets/scripts/p_googletag.js
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 1464
etag: W/"2534-1654852160000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 898

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 109 KB
31 KB 1090ms
971ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f112a3f134c1958ba797d0aecc4eee099aab2157d228856c56c3d3338c1bc414

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31961
x-xss-protection: 0
server: sffe
date: Fri, 12 Aug 2022 08:09:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "6179f5489a0fbe8a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Aug 2022 08:09:07 GMT

GET
H2 200 Nayana%20Siebra.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184194:1643049185/ 29 KB
28 KB 167ms
159ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184194:1643049185/Nayana%20Siebra.jpg?f=1x1&$p$f=7c01487

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

24ad03ebddce6b812548e2c78dae4f8d22e9bc183a04fb50398afa8145979181

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 620
age: 3220
x-original-image-width: 925
x-rendered-image-height: 620
x-cache: HIT
content-length: 27816
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3184194:1643049185/Nayana%20Siebra.jpg?f=1x1&$p$f=7c01487
x-original-image-height: 1280
server: nginx
etag: "policy:1.3184194:1643049185"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 14:10:51 GMT

GET
H2 200 Dahiana.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949622:1590811707/ 75 KB
73 KB 167ms
160ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949622:1590811707/Dahiana.jpg?f=1x1&$p$f=9c0ad51

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

e795eb948324543bd2ab45b10486927d0d8c0d0369094ed74dabafbc12701bde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 800
age: 1839
x-original-image-width: 800
x-rendered-image-height: 800
x-cache: HIT
content-length: 74180
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.2949622:1590811707/Dahiana.jpg?f=1x1&$p$f=9c0ad51
x-original-image-height: 1200
server: nginx
etag: "policy:1.2949622:1590811707"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 16:36:57 GMT

GET
H2 200 ARTM_SAMUEL2.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3141983:1632934010/ 73 KB
68 KB 318ms
310ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3141983:1632934010/ARTM_SAMUEL2.jpg?f=1x1&$p$f=95f247f

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

5d7587e75fab6d40b212f9d602bf1b001dcad3788811a0cbc6f09cf2a26524c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 975
age: 2236
x-original-image-width: 1134
x-rendered-image-height: 975
x-cache: HIT
content-length: 68772
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3141983:1632934010/ARTM_SAMUEL2.jpg?f=1x1&$p$f=95f247f
x-original-image-height: 975
server: nginx
etag: "policy:1.3141983:1632934010"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 08:34:47 GMT

GET
H2 200 WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/ 31 KB
30 KB 318ms
311ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 495
age: 1012
x-original-image-width: 800
x-rendered-image-height: 495
x-cache: HIT
content-length: 30309
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c
x-original-image-height: 653
server: nginx
etag: "policy:1.3184465:1643113284"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 22:39:03 GMT

GET
H2 200 Sem-T%C3%ADtulo-1.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/ 69 KB
65 KB 318ms
311ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 850
age: 1252
x-original-image-width: 850
x-rendered-image-height: 850
x-cache: HIT
content-length: 65902
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88
x-original-image-height: 850
server: nginx
etag: "policy:1.3181853:1642509659"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 22:39:03 GMT

GET
H2 200 Jeritza%20Gurgel.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3023895:1608638084/ 14 KB
14 KB 319ms
312ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3023895:1608638084/Jeritza%20Gurgel.jpg?f=1x1&$p$f=ded099d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

d7534b85b050963115a9f1ae415c2ca510316892cee81d03c5440e0eb3f9b6c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 400
age: 3050
x-original-image-width: 400
x-rendered-image-height: 400
x-cache: HIT
content-length: 13446
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3023895:1608638084/Jeritza%20Gurgel.jpg?f=1x1&$p$f=ded099d
x-original-image-height: 400
server: nginx
etag: "policy:1.3023895:1608638084"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 10:13:07 GMT

GET
H2 200 WhatsApp%20Image%202022-01-17%20at%2016.21.35.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1642447213/ 169 KB
161 KB 320ms
313ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1642447213/WhatsApp%20Image%202022-01-17%20at%2016.21.35.jpeg?f=1x1&$p$f=8826b08

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

44785beca13e118ddd542af15e05c9464aad937564cc8bb57d666580376dec29

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 1273
age: 1012
x-original-image-width: 1280
x-rendered-image-height: 1273
x-cache: HIT
content-length: 163868
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3181665:1642447213/WhatsApp%20Image%202022-01-17%20at%2016.21.35.jpeg?f=1x1&$p$f=8826b08
x-original-image-height: 1273
server: nginx
etag: "policy:1.3181665:1642447213"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 22:39:03 GMT

GET
H2 200 alexandre%20mota.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949537:1632956151/ 32 KB
31 KB 319ms
312ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949537:1632956151/alexandre%20mota.jpg?f=1x1&$p$f=8232c5b

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

50e2046d98598eb3d15933fe759244180923a6a97926ba2a4ae0497c3eaf1af5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 592
age: 1252
x-original-image-width: 800
x-rendered-image-height: 592
x-cache: HIT
content-length: 31725
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.2949537:1632956151/alexandre%20mota.jpg?f=1x1&$p$f=8232c5b
x-original-image-height: 1200
server: nginx
etag: "policy:1.2949537:1632956151"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 22:39:01 GMT

GET
H2 200 Andr%C3%A9%20Almeida.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949549:1632957008/ 33 KB
32 KB 319ms
313ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949549:1632957008/Andr%C3%A9%20Almeida.jpg?f=1x1&$p$f=3497731

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

3470ec5a8c42a5266093ffc43138e26da1e0c7990e6316f76e9a18a650ef3d7c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 603
age: 459
x-original-image-width: 800
x-rendered-image-height: 603
x-cache: HIT
content-length: 31922
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.2949549:1632957008/Andr%C3%A9%20Almeida.jpg?f=1x1&$p$f=3497731
x-original-image-height: 1200
server: nginx
etag: "policy:1.2949549:1632957008"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 08:55:03 GMT

GET
H2 200 Ciro-e-Izolda.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266526:1660255264/ 27 KB
27 KB 318ms
312ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266526:1660255264/Ciro-e-Izolda.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b64978c

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

49c0f5d354d182c56b1a3846a635ace028296343ca6bd96f951cd22e03568f0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 1474
x-original-image-width: 1200
x-rendered-image-height: 314
x-cache: HIT
content-length: 27693
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266526:1660255264/Ciro-e-Izolda.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b64978c
x-original-image-height: 800
server: nginx
etag: "policy:1.3266526:1660255264"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 22:41:09 GMT

GET
H2 200 WhatsApp%20Image%202022-01-03%20at%2012.58.16.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3177150:1641306476/ 88 KB
79 KB 477ms
471ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3177150:1641306476/WhatsApp%20Image%202022-01-03%20at%2012.58.16.jpeg?f=1x1&$p$f=25b45a2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

7b3e1381a618c7a746ec787409d36256763a1a9e57489daea865e7726ff506cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 1080
age: 822
x-original-image-width: 1080
x-rendered-image-height: 1080
x-cache: HIT
content-length: 80662
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3177150:1641306476/WhatsApp%20Image%202022-01-03%20at%2012.58.16.jpeg?f=1x1&$p$f=25b45a2
x-original-image-height: 1080
server: nginx
etag: "policy:1.3177150:1641306476"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 06:01:07 GMT

GET
H2 200 Paz-Robinson.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3227699:1660247448/ 21 KB
21 KB 476ms
470ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3227699:1660247448/Paz-Robinson.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=fb23c3a

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

6c7398895002d2d2a90234021a72a06b112c9acbea07d4099f54535b885c63fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 865
x-original-image-width: 1140
x-rendered-image-height: 314
x-cache: HIT
content-length: 21318
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3227699:1660247448/Paz-Robinson.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=fb23c3a
x-original-image-height: 641
server: nginx
etag: "policy:1.3227699:1660247448"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 19:53:31 GMT

GET
H2 200 Classico-Rei-Ceara-Fortaleza.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266245:1660255652/ 26 KB
27 KB 476ms
470ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266245:1660255652/Classico-Rei-Ceara-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2d0a20e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

4d255f52b0f0150d6226c2c1bfe2ae7ac071e9061d68d1261453cffaf019092a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 3577
x-original-image-width: 800
x-rendered-image-height: 314
x-cache: HIT
content-length: 26804
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266245:1660255652/Classico-Rei-Ceara-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2d0a20e
x-original-image-height: 533
server: nginx
etag: "policy:1.3266245:1660255652"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 22:07:42 GMT

GET
H2 200 auxilio-brasil.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266164:1660176559/ 28 KB
29 KB 476ms
470ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266164:1660176559/auxilio-brasil.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=dd39c03

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a396903db5c24684126ac9663f836968a23b57b16fc1945079ca6f640dcf82ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2084
x-original-image-width: 1280
x-rendered-image-height: 314
x-cache: HIT
content-length: 28760
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266164:1660176559/auxilio-brasil.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=dd39c03
x-original-image-height: 720
server: nginx
etag: "policy:1.3266164:1660176559"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 18:35:13 GMT

GET
H2 200 Curta-o-genero-3.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266568:1660272420/ 20 KB
20 KB 477ms
471ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266568:1660272420/Curta-o-genero-3.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=228ef4c

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

5b65b30e58ae9d413022d1f325fdc715a0465e4ca0324a2af87d905509443f6d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 310
x-original-image-width: 1920
x-rendered-image-height: 314
x-cache: HIT
content-length: 20438
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266568:1660272420/Curta-o-genero-3.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=228ef4c
x-original-image-height: 1080
server: nginx
etag: "policy:1.3266568:1660272420"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 03:02:56 GMT

GET
H2 200 Suzana-Vieira.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266562:1660269679/ 28 KB
28 KB 475ms
469ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266562:1660269679/Suzana-Vieira.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2ba25da

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

d9160a42691d415e5662e50315d7b63037d04cc4b00918eda40b82e1ccec31b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2727
x-original-image-width: 928
x-rendered-image-height: 314
x-cache: HIT
content-length: 28394
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266562:1660269679/Suzana-Vieira.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2ba25da
x-original-image-height: 626
server: nginx
etag: "policy:1.3266562:1660269679"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 02:22:32 GMT

GET
H2 200 aviso.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266552:1660265811/ 11 KB
11 KB 477ms
471ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266552:1660265811/aviso.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=defd886

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

f6847fbbc6cc07598ebcbe60001e111822d702bf32057628307cc6a38a071561

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 310
x-original-image-width: 1080
x-rendered-image-height: 314
x-cache: HIT
content-length: 10728
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266552:1660265811/aviso.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=defd886
x-original-image-height: 676
server: nginx
etag: "policy:1.3266552:1660265811"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 01:02:27 GMT

GET
H2 200 urso.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266533:1660256536/ 20 KB
20 KB 477ms
471ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266533:1660256536/urso.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=5e83baa

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

70d64ce7e0ad03d6fda09a43e76fb19ef0f03a340d1062eb529cf7318e0c7429

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2293
x-original-image-width: 1022
x-rendered-image-height: 314
x-cache: HIT
content-length: 20139
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266533:1660256536/urso.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=5e83baa
x-original-image-height: 592
server: nginx
etag: "policy:1.3266533:1660256536"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 22:30:07 GMT

GET
H2 200 Colegio-Capital.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266323:1660236353/ 23 KB
23 KB 477ms
472ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266323:1660236353/Colegio-Capital.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e763422

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

6938ec6db58e17a81c5992714b49e3d4a888c81a25432bbd912b2ea22a077423

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2868
x-original-image-width: 1125
x-rendered-image-height: 314
x-cache: HIT
content-length: 23241
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266323:1660236353/Colegio-Capital.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e763422
x-original-image-height: 685
server: nginx
etag: "policy:1.3266323:1660236353"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 17:20:28 GMT

GET
H2 200 Sobrado-Dr.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3265926:1660227433/ 31 KB
31 KB 477ms
472ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3265926:1660227433/Sobrado-Dr.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a38c4d1

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

04124d4f15639f45c9c0f0216ff01e60f4d445fa5f5f2d57e97891607ada95aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 419
age: 2963
x-original-image-width: 1280
x-rendered-image-height: 314
x-cache: HIT
content-length: 31133
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3265926:1660227433/Sobrado-Dr.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a38c4d1
x-original-image-height: 853
server: nginx
etag: "policy:1.3265926:1660227433"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 14:17:33 GMT

GET
H2 200 Gabriel-Monteiro.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266443:1660248518/ 19 KB
19 KB 478ms
472ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266443:1660248518/Gabriel-Monteiro.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=c95f816

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

d3793e82ea04ecd875fafc3a72edc4f665550e0f1be35ae65fec607b5c7ae556

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2868
x-original-image-width: 973
x-rendered-image-height: 314
x-cache: HIT
content-length: 18840
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266443:1660248518/Gabriel-Monteiro.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=c95f816
x-original-image-height: 545
server: nginx
etag: "policy:1.3266443:1660248518"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 21:19:43 GMT

GET
H2 200 Ato-em-defesa-democracia-em-Fortaleza.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266289:1660228055/ 30 KB
30 KB 478ms
473ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266289:1660228055/Ato-em-defesa-democracia-em-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=7a7c4c9

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

c916da4c1033c62a9517e264f5182cd435d8a090b16e739f5b96463c49755b2b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2293
x-original-image-width: 1296
x-rendered-image-height: 314
x-cache: HIT
content-length: 30551
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266289:1660228055/Ato-em-defesa-democracia-em-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=7a7c4c9
x-original-image-height: 864
server: nginx
etag: "policy:1.3266289:1660228055"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:25:36 GMT

GET
H2 200 castel-o.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266463:1660250882/ 31 KB
31 KB 478ms
473ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266463:1660250882/castel-o.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=182dd1b

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

2b7b2f3ed3255ecf4db69618e88afd3932cf30224a3b76ffe84ddc48aaa248f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 942
x-original-image-width: 1024
x-rendered-image-height: 314
x-cache: HIT
content-length: 31192
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266463:1660250882/castel-o.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=182dd1b
x-original-image-height: 576
server: nginx
etag: "policy:1.3266463:1660250882"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 20:52:28 GMT

GET
H2 200 Flamengo.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266432:1660247410/ 61 KB
61 KB 479ms
474ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266432:1660247410/Flamengo.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ed74c54

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

774fe4ba17c222ddd33247e960189a174983d356c7be78631c3fe32e41bc014c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 259
x-original-image-width: 2048
x-rendered-image-height: 314
x-cache: HIT
content-length: 61899
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266432:1660247410/Flamengo.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ed74c54
x-original-image-height: 1365
server: nginx
etag: "policy:1.3266432:1660247410"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 20:03:17 GMT

GET
H2 200 vina.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266256:1660224578/ 10 KB
10 KB 484ms
479ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266256:1660224578/vina.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ca457b8

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

9088a599570dfe2d36b2a193d576c3605b22d059556e3e17be70866580c7ea01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 241
age: 2125
x-original-image-width: 659
x-rendered-image-height: 181
x-cache: HIT
content-length: 9644
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266256:1660224578/vina.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ca457b8
x-original-image-height: 473
server: nginx
etag: "policy:1.3266256:1660224578"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 13:30:50 GMT

GET
H2 200 Fortaleza.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266364:1660240850/ 30 KB
30 KB 478ms
473ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266364:1660240850/Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=daccd26

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

d81e76c9f6d7297de6b0b72c52c20e0fd49fe06330a9f5b9aa33f4fa3590ce6e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 3210
x-original-image-width: 1600
x-rendered-image-height: 314
x-cache: HIT
content-length: 30677
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266364:1660240850/Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=daccd26
x-original-image-height: 1067
server: nginx
etag: "policy:1.3266364:1660240850"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 18:13:41 GMT

GET
H2 200 imagem-topo.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266066:1660163895/ 29 KB
29 KB 478ms
474ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266066:1660163895/imagem-topo.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f20259e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

1e7867ad011d453dd312c270c23679a26cc2b67e8bb03cde4aaaca3a5147c8ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2293
x-original-image-width: 1024
x-rendered-image-height: 314
x-cache: HIT
content-length: 29190
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266066:1660163895/imagem-topo.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f20259e
x-original-image-height: 768
server: nginx
etag: "policy:1.3266066:1660163895"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 09:28:38 GMT

GET
H2 200 Camilo-e-Elmano.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266260:1660224283/ 23 KB
24 KB 479ms
474ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266260:1660224283/Camilo-e-Elmano.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=445c169

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

afd30171b1d63a739683b8dfe63e157c7f2fbd5dd2c24834c648055a0c8ddf9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2293
x-original-image-width: 1600
x-rendered-image-height: 314
x-cache: HIT
content-length: 23642
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266260:1660224283/Camilo-e-Elmano.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=445c169
x-original-image-height: 1066
server: nginx
etag: "policy:1.3266260:1660224283"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 13:33:46 GMT

GET
H2 200 In%C3%A1cio%20Aguiar.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949681:1590813220/ 47 KB
44 KB 479ms
474ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949681:1590813220/In%C3%A1cio%20Aguiar.jpg?f=1x1&$p$f=49a0dee

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

cbda2c20b24dd92cbabf67d4eec4724a5feaa4096794ba608a7b070cfc71ac5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 800
age: 1252
x-original-image-width: 800
x-rendered-image-height: 800
x-cache: HIT
content-length: 44365
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.2949681:1590813220/In%C3%A1cio%20Aguiar.jpg?f=1x1&$p$f=49a0dee
x-original-image-height: 1200
server: nginx
etag: "policy:1.2949681:1590813220"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 22:39:03 GMT

GET
H2 200 exercicio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266283:1660227669/ 17 KB
17 KB 480ms
475ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266283:1660227669/exercicio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6dd10a7

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

b467d9832fdd739e6dfad12ef81a50f30f650d90557ae171c43bf5f664cde1ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 1942
x-original-image-width: 1280
x-rendered-image-height: 314
x-cache: HIT
content-length: 16787
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266283:1660227669/exercicio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6dd10a7
x-original-image-height: 851
server: nginx
etag: "policy:1.3266283:1660227669"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 16:34:16 GMT

GET
H2 200 Billie-Eilish.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266445:1660249079/ 21 KB
21 KB 479ms
475ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266445:1660249079/Billie-Eilish.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=51ee59d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

3cfb455baf00bacacecf51d80ea824692d27da62da57f505f23155d14e0b14a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 910
x-original-image-width: 4088
x-rendered-image-height: 314
x-cache: HIT
content-length: 21386
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266445:1660249079/Billie-Eilish.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=51ee59d
x-original-image-height: 2938
server: nginx
etag: "policy:1.3266445:1660249079"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 20:52:36 GMT

GET
H2 200 TCU.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266284:1660227672/ 25 KB
26 KB 480ms
476ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266284:1660227672/TCU.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=fafe5a9

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

c2d14a5f715ad5fbd86c1ed9edba548ba70b130cd31cf526d879597e318dc5e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 788
x-original-image-width: 1200
x-rendered-image-height: 314
x-cache: HIT
content-length: 25704
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266284:1660227672/TCU.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=fafe5a9
x-original-image-height: 799
server: nginx
etag: "policy:1.3266284:1660227672"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 16:14:59 GMT

GET
H2 200 Crime.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266309:1660244303/ 18 KB
18 KB 480ms
476ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266309:1660244303/Crime.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9bc2fcb

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

abdd245f4f0cfd9ab65c5e2e86b13c2fcc65b4c1482ec1f7b2f6ba51307db19d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 409
x-original-image-width: 1200
x-rendered-image-height: 314
x-cache: HIT
content-length: 18105
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266309:1660244303/Crime.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9bc2fcb
x-original-image-height: 675
server: nginx
etag: "policy:1.3266309:1660244303"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 18:58:48 GMT

GET
H2 200 Crime.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266354:1660239311/ 22 KB
23 KB 480ms
476ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266354:1660239311/Crime.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9bc2fcb

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

7de977da6ca5d7db408ef71063abad98c09cc21605e7aecc35d6d0bab95ff663

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 662
x-original-image-width: 1600
x-rendered-image-height: 314
x-cache: HIT
content-length: 22845
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266354:1660239311/Crime.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9bc2fcb
x-original-image-height: 720
server: nginx
etag: "policy:1.3266354:1660239311"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 17:55:52 GMT

GET
H2 200 professora.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266270:1660225538/ 33 KB
33 KB 480ms
476ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266270:1660225538/professora.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6d88f70

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

6f4a1cc4f6001a56abf19b14b64ff38ab892624fdcf6c1a52ad167db57a5ca4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2084
x-original-image-width: 828
x-rendered-image-height: 314
x-cache: HIT
content-length: 32978
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266270:1660225538/professora.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6d88f70
x-original-image-height: 848
server: nginx
etag: "policy:1.3266270:1660225538"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:29:50 GMT

GET
H2 200 Suspeito.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266303:1660240556/ 26 KB
27 KB 482ms
478ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266303:1660240556/Suspeito.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=926b08d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

55e323edecc3157c56a091ffd030cdb0f22c1368153e7df2251057ff3df8dd0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 662
x-original-image-width: 1199
x-rendered-image-height: 314
x-cache: HIT
content-length: 26800
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266303:1660240556/Suspeito.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=926b08d
x-original-image-height: 675
server: nginx
etag: "policy:1.3266303:1660240556"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 17:56:41 GMT

GET
H2 200 vitima-paulo-victor-intervencao-policial.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266031:1660158579/ 15 KB
16 KB 481ms
477ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266031:1660158579/vitima-paulo-victor-intervencao-policial.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a64c867

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

5b8bfdb6da76b03adc36b19b73f80ed6cb75b5bd2aa195d474872406b094c642

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 418
age: 2459
x-original-image-width: 1079
x-rendered-image-height: 314
x-cache: HIT
content-length: 15577
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266031:1660158579/vitima-paulo-victor-intervencao-policial.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a64c867
x-original-image-height: 607
server: nginx
etag: "policy:1.3266031:1660158579"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:49:39 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 57ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1787d"
vary: Accept-Encoding
x-hw: 1660291746.dop204.am5.t,1660291746.cds207.am5.hn,1660291746.cds284.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 68ms
32ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-1c1f"
vary: Accept-Encoding
x-hw: 1660291746.dop204.am5.t,1660291746.cds207.am5.hn,1660291746.cds306.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3063

GET
H2 200 morpheus.js Show response
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/scripts/ 30 KB
10 KB 163ms
156ms Script
application/javascript 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/scripts/morpheus.js?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a813062a7f0437a92984ea3a39feec5b7f070309be4765804739bb6917ecc6db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/scripts/morpheus.js?v=1.0.39
last-modified: Fri, 03 Jun 2022 04:53:26 GMT
server: nginx
age: 207007
etag: W/"30240-1654232006000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9730

GET
H2 200 main.js Show response
diariodonordeste.verdesmares.com.br/static/morpheus-ui/dist/ 0
243 B 164ms
156ms Script
application/javascript 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/morpheus-ui/dist/main.js?v=0.0.9

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
x-cache-rule: YES with ttl: 60.000 /static/morpheus-ui/dist/main.js?v=0.0.9
last-modified: Thu, 30 Jun 2022 04:53:28 GMT
server: nginx
age: 32
etag: W/"0-1656564808000"
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
content-length: 0

GET
H2 200 com.atex.gong.paywall.membership.js Show response
diariodonordeste.verdesmares.com.br/js/ 7 KB
2 KB 166ms
158ms Script
application/javascript 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/js/com.atex.gong.paywall.membership.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /js/com.atex.gong.paywall.membership.js
last-modified: Wed, 20 May 2020 20:08:38 GMT
server: nginx
age: 1492
etag: W/"7606-1590005318000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2011

GET
H2 200 lazy.js Show response
diariodonordeste.verdesmares.com.br/static/diario/assets/js/ 4 KB
2 KB 165ms
157ms Script
application/javascript 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/diario/assets/js/lazy.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

4dc1ff3b77f0146e967c433c5fe7e039f607af8c487a92015389629331c1d775

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /static/diario/assets/js/lazy.js
last-modified: Fri, 26 Nov 2021 04:57:58 GMT
server: nginx
age: 1492
etag: W/"4343-1637902678000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1693

GET
H2 200 group-widgets.js Show response
diariodonordeste.verdesmares.com.br/static/diario/assets/js/ 540 B
574 B 166ms
159ms Script
application/javascript 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/diario/assets/js/group-widgets.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

53cb63726a0b21ca199891a569d46bf700bee8f9afd9c377570dfcf5c0e2cdb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /static/diario/assets/js/group-widgets.js
last-modified: Wed, 29 Dec 2021 05:07:44 GMT
server: nginx
age: 1651
etag: W/"540-1640754464000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 280

GET
H2 200 advertisingSticky.js Show response
diariodonordeste.verdesmares.com.br/static/assets/scripts/ 2 KB
850 B 167ms
159ms Script
application/javascript 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/scripts/advertisingSticky.js?v=1

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

74579a8b4fe27aa309796dcc0cfb3a592762a369cfa3c807ab7b6e7e60f1f891

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /static/assets/scripts/advertisingSticky.js?v=1
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 21
etag: W/"1544-1654852160000"
x-cacheable: YES
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
content-length: 563

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 78ms
31ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7397ba164c875c44-FRA
date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2103
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 15 Aug 2022 08:09:06 GMT

GET
H2 200 WhatsApp%20Image%202022-08-11%20at%2022.17.08.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266569:1660273245/ 40 KB
40 KB 481ms
478ms Image
image/jpeg 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3266569:1660273245/WhatsApp%20Image%202022-08-11%20at%2022.17.08.jpeg?h=496&w=340&$p$h$w=fa08564

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

887456f26281fc6082fff8d88811b35e978901519b34ed1e9b99b902b4c991b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-rendered-image-width: 337
age: 403
x-original-image-width: 870
x-rendered-image-height: 496
x-cache: HIT
content-length: 40468
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3266569:1660273245/WhatsApp%20Image%202022-08-11%20at%2022.17.08.jpeg?h=496&w=340&$p$h$w=fa08564
x-original-image-height: 1280
server: nginx
etag: "policy:1.3266569:1660273245"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 03:01:55 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@8.3.2/
Redirect Chain

https://unpkg.com/swiper@8/swiper-bundle.min.css
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css

16 KB
5 KB

26ms
26ms

Stylesheet
text/css

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1457632
fly-request-id: 01G8X3F8HFRX10AZ1ATG8QWHXY-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4052-dxUYZpo3DZFa3w0gfyoiCSp2jNE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7397ba1698ff903d-FRA

Redirect headers

date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GA8H3M9AHP0VFR0NGQZ3EDWD-fra
server: cloudflare
age: 506
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@8.3.2/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7397ba163887903d-FRA
access-control-allow-origin: *

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 42ms
15ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 1519
etag: W/"6283938d-3671"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 7397ba162c4e5c62-FRA
content-type: application/javascript
expires: Fri, 12 Aug 2022 08:43:47 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/ 365 KB
31 KB 29ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d27ed1714f8102754977b74fd3818903401767761b36f92fb609493d9067b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: FDkewIaABbpkigZ2Q.oqglxo5IyDcWx2
content-encoding: gzip
etag: "6cb59635091b17f7412d07c422a5468a"
age: 27
x-cache: HIT
content-length: 31123
x-amz-id-2: LPeYM4+xpIM0TjrsESFDHkPPJlTZeGqkPtWVBuDO+J1jIf9oAoW+hJ3dWSmYDjL7ZiKbLUTI8kI=
x-served-by: cache-hhn4021-HHN
last-modified: Thu, 11 Aug 2022 09:54:27 GMT
server: AmazonS3
x-timer: S1660291746.260601,VS0,VE1
date: Fri, 12 Aug 2022 08:09:06 GMT
vary: Accept-Encoding
x-amz-request-id: Q8KJHFTJ0BA7C63C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 76
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 154 KB
54 KB 145ms
57ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2a693f58d63720fa4ba8357fd2b16ec3558f84877f65b7dd7a7613d1e994488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54847
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/diariodonordeste-diariodonordeste/ 59 KB
17 KB 31ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 128d2cf69ce3669c10edf58d4e8049b363f7f857e9a0608769ab83e0d5ea33bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "2bd02c30770a862797f357ab39c187a0"
age: 179
x-cache: HIT
content-length: 17267
x-amz-id-2: q5aDIInz5mTQEWUXBdnAy0BTErsUMNH6PbIEjLiYe+67moO1o+dQMlxWH0MDdhzehFComhphg+A=
x-served-by: cache-hhn4053-HHN
last-modified: Thu, 17 Feb 2022 22:20:57 GMT
server: AmazonS3
x-timer: S1660291746.261474,VS0,VE1
date: Fri, 12 Aug 2022 08:09:06 GMT
vary: Accept-Encoding
x-amz-request-id: S7R49GB7GWHAVM99
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 146ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 23:09:50 GMT
x-content-type-options: nosniff
age: 291556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 23:09:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 158ms
53ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 257025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 08:45:21 GMT

GET
H2 200 ArdinaText-Medium.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ 19 KB
19 KB 437ms
436ms Font
font/woff2 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ArdinaText-Medium.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /static/assets/fonts/ardina-text/ArdinaText-Medium.woff2
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 1452
etag: W/"19032-1654852160000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff2;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19060

GET
H2 200 ArdinaText-Bold.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ 19 KB
19 KB 437ms
436ms Font
font/woff2 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ArdinaText-Bold.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /static/assets/fonts/ardina-text/ArdinaText-Bold.woff2
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 1452
etag: W/"19260-1654852160000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff2;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19288

GET
H2 200 icofont.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/ 525 KB
525 KB 436ms
436ms Font
font/woff2 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/icofont.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /static/assets/fonts/icofont/icofont.woff2
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 1492
etag: W/"537868-1654852160000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff2;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 536919

GET
H2 200 longitude-display-inline.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/longitude-display-inline/ 25 KB
26 KB 436ms
435ms Font
font/woff2 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/fonts/longitude-display-inline/longitude-display-inline.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

4829ca9e6ed3a3620fe05f1cc9ac86c6bba79da2f2a67e98b81dae9fd05fd806

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 3600.000 /static/assets/fonts/longitude-display-inline/longitude-display-inline.woff2
last-modified: Fri, 10 Jun 2022 09:09:20 GMT
server: nginx
age: 1492
etag: W/"25808-1654852160000"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: font/woff2;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25836

GET
H2 200 82438 Show response
tag.navdmp.com/u/ 500 B
508 B 483ms
483ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/82438
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 25 May 2022 11:58:12 GMT
server: cloudflare
etag: W/"628e19d4-1f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 7397ba169cdf5c62-FRA
content-type: application/javascript
expires: Fri, 12 Aug 2022 09:09:06 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/diariodonordeste-diariodonordeste/ 3 KB
2 KB 319ms
290ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/diariodonordeste-diariodonordeste/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a9c491b50bba720218e34460861af80230634424a8492598b0561802d73b3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: AmhLqBLRZHY.Aosr9D9jNSh55WTKn4jT
content-encoding: gzip
etag: "b52d83120e4bcee7d5763061828c3ad1"
age: 161
x-cache: HIT, MISS
content-length: 1157
x-amz-id-2: 3CPt/KXwn9MD0NuNqaRKCaGC+qWmTIi2y76m0OykQgFmu2fpze6gDOjdd+gcIyY+VSLst1jotTY=
x-served-by: cache-lax10649-LGB, cache-hhn4070-HHN
last-modified: Tue, 01 Mar 2022 17:48:34 GMT
server: AmazonS3
x-timer: S1660291746.391772,VS0,VE283
date: Fri, 12 Aug 2022 08:09:06 GMT
vary: Accept-Encoding,,
x-amz-request-id: 0X201TNZ55JCRJK6
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20220811-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 679 KB
141 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220811-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a9f542c0d98b1deb323f1f9963046534e7a98b6f9fbaca32cdb8d49f377c1151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: tOCpXfpX3YcCLPOluidGWdt9utJwBbSW
content-encoding: br
etag: "cf8cf3840874e1dfab09c56604f542ac"
age: 26493
x-cache: HIT
content-length: 143612
x-amz-id-2: J58wy69XsiqCxb65HXsdUIZj3M2A0GtUjyko1QBDtguK5Bz5XqMI0f6y5QyDf+Q7U+++nwJ4nRE=
x-served-by: cache-hhn4021-HHN
last-modified: Thu, 11 Aug 2022 08:46:33 GMT
server: AmazonS3-br
x-timer: S1660291746.362579,VS0,VE0
date: Fri, 12 Aug 2022 08:09:06 GMT
vary: Accept-Encoding
x-amz-request-id: 56CFKJCMCX30NXNB
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 2
x-cache-hits: 13908

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 51ms
20ms Script
application/javascript 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 04:55:42 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 11606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 1KXqcDhXW4xV5aaOio8mmmR0gNslgYVJryiVqpE-4e4RafNO_aDNNQ==

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 132 B
293 B 25ms
18ms Script
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/get-action?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=163234552389002761&page.template=home&page.dashboard=home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57b5f5c21273cdb4ae16327da934be16812fd25dcad92479a2bb6ef8192fad65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

tbl-x-upstream: 10.44.229.2:8080
date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660291746.377316,VS0,VE11
x-served-by: cache-hhn4053-HHN
x-cache: MISS
content-type: application/json;charset=UTF-8
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/ 0
90 B 69ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/debug?tim=08%3A09%3A06.406&type=info&msg=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&llvl=2&id=1881&cv=20220811-9-RELEASE&lt=deflated&pct=1
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14575

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 0
51 B 18ms
17ms Image
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/notify-impression?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=163234552389002761&page.template=home&page.dashboard=home
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

tbl-x-upstream: 10.44.229.2:8080
date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660291746.431288,VS0,VE10
x-served-by: cache-hhn4053-HHN
x-cache: MISS
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 30ms
29ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7397ba176e145c44-FRA
date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2103
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 15 Aug 2022 08:09:06 GMT

GET
H2 200 amp-instagram-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
3 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-instagram-0.1.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a0fd533dfeac20f84303dd7a53225f8290e53d2907f96c4d696af2f032f0c7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2208
x-xss-protection: 0
server: sffe
date: Fri, 12 Aug 2022 08:09:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "0277dd08e7cebd8c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 200 p.gif
diariodonordeste.verdesmares.com.br/logger/ 43 B
365 B 247ms
247ms Image
image/gif 200.233.65.3
SECRELNET INFORMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/logger/p.gif?d=/2.16447/2.246

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

200.233.65.3 , Brazil, ASN11921 (SECRELNET INFORMATICA LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-cacheable: NO:Not-Cacheable
server: nginx
age: 0
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
expires: Mon, 04 Jan 1999 00:00:01 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
9ms Image
text/plain 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1660291746471&ns_c=UTF-8&c7=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&c8=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&c9=
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: zvrH7TxZMbLzndD8xYGmKSDhvH3Kn3e50OTI_cTBmEu2bVpLkVnS9g==
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl_2022080801.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
132 KB 121ms
32ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 20:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134395
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:39:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Aug 2023 20:54:25 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 157 B
753 B 128ms
40ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=diariodonordeste.verdesmares.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f1538fb1d271d15c842a46eff6e08f8fa83679543260bc36670a33da3170fe21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 81 KB
23 KB 43ms
14ms Script
application/javascript 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dd0ffb941fd486407c07c046255bfc1f52322061b14b9683bc4c5833dfc64dc

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
x-b3-traceid: 68ba29e46be84aa5a63512b164209890
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront, HIT
mrf-cache-status: H
access-control-max-age: 3600
x-b3-traceid-primal: 23574cafe910422389e6a8fbfaa33f71
content-length: 22623
x-served-by: cache-hhn4064-HHN
last-modified: Wed, 10 Aug 2022 15:20:36 GMT
server: AmazonS3
x-timer: S1660291747.549446,VS0,VE1
etag: W/"73e113506a8d26beea3438375e01c1f4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: rKfX9FljVA6YHuipLe2QfCuQJc84UpMxdm3nqjARzRbgarOr8EVaig==
x-cache-hits: 1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 172ms
88ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

976dd7148b0dca6d24169ab74339aedd9daff66a689de300a50353fbdd2da472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73137
x-xss-protection: 0
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4026
date: Fri, 12 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Aug 2022 09:02:00 GMT

GET
H2 200 24efd11c-063c-46de-9749-1636434fcb6c Show response
tags.premiumads.com.br/dfp/ 86 KB
28 KB 58ms
16ms Script
text/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ecaecc9b0e99b911c0f1b2d0040f1f6179f9edffe75729164de4df60620e981b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 739589
x-powered-by: ASP.NET
last-modified: Wed, 03 Aug 2022 18:42:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA5KSrnXQc4uZhQwbfz3xwmQYbrGKdkF73CoULAK9PeR4C2g%2FGTgdu0RZ4n%2FPfvtBSSNRsjk1dS8Oh5WWAejBwnpyLZVCLYXBSiEDsOBpo10wIYHNgWOOJOSx%2BuiPP3URj6wkqmUlfxUQZdWQ186sVrY7VY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 7397ba181eb19274-FRA
cf-bgj: minify

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 13ms
13ms Image
text/plain 13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20663921&cs_it=b3&cv=3.8.0.210223&ns__t=1660291746541&ns_c=UTF-8&c7=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&c8=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&c9=
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-39.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 44uEyh8Kh0xMwVIudpnqt7HvBL3X1chgKLvesrUnpAycKZHz6gHLrA==
x-cache: Miss from cloudfront

GET
H2 200 web Show response
onesignal.com/api/v1/sync/9e3bfd2d-ec9d-4e2d-8fee-bca085daac66/ 6 KB
2 KB 35ms
27ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/9e3bfd2d-ec9d-4e2d-8fee-bca085daac66/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3915b8861ba361f4777def6f57e088a8c152228acbcd545d22daa5c95906006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2962
cf-polished: origSize=5958
status: 200 OK
x-envoy-upstream-service-time: 33
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2884cf36-4314-4b47-a180-89a23b8bf44c
x-runtime: 0.031351
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e8368f84b1a33baa02a478818a2f828a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 7397ba180ed95c44-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 12 Aug 2022 09:09:06 GMT

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 341 KB
96 KB 22ms
22ms Script
application/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4ed8f3e0efab9abde3c9365e1f252ba74896afebb879371741f560e22e6213ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2541969
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
last-modified: Mon, 11 Jul 2022 09:16:30 GMT
server: cloudflare
etag: W/"1d89506e7e57f34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9C%2BfdD97HYCvA1CnyiwMQAaCiaRr%2BgOR1sGq3anbGixL55hEXoOOprfY2fFRo0Mw09JSF%2Fp%2F7kU540dmpRN%2Bfj3BUGsu7dYY0AJXOR4DE%2F%2BszZDr5QV5uUD%2Fmx6lhWVreYCmzIF9Qc063I0XMHd5XNc37U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7397ba183ed39274-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 90ms
90ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

edf36f1ce73a51eadddad7abbd167942024c53ba1329b50093652a67611ffc77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28775
x-xss-protection: 0
server: sffe
etag: "1301 / 225 of 1000 / last-modified: 1660255589"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 80ms
71ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-210532949-3

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf33dddf9296531e76af0c414d35f396d3d0aa675d010ad93e4d397bfdb51511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41917
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 63ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-210532949-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b066ae0594f8106ab6a4577d3342242714381756fdc3e51d661f5669924a595b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41938
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 200 p_icons_3.png
tags.premiumads.com.br/Content/ 12 KB
12 KB 13ms
13ms Image
image/png 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.premiumads.com.br/Content/p_icons_3.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2541684
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-length: 12013
last-modified: Mon, 11 Jul 2022 09:16:30 GMT
server: cloudflare
etag: "1d89506e7e005ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuMUAVJCbeqKEpLIQM35c3%2BPQ6jn%2B0VTwxk0OlsZiO4%2Fse4D%2Fyl1XtjmL0tF2PQbgnU%2BaV7bBB1%2B%2Bv8JTY%2BYTVlBO%2BePMenf2iafWbMng4SuNI3iXBg2Sa9uTaAbPDY0cXXmcV0iP9vUN0LXSg8Fow8mf2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7397ba184ed89274-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK ingest.php Show response
events.newsroom.bi/ 116 B
946 B 64ms
16ms XHR
application/json 188.40.92.96
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 5f81bed0f608ec58cf80ba7d5528a2f17b8b173c2d61e6df36359c3d91fac9c5

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9EOpVWZAz0tcOWkR

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 79

GET
H2 200 active Show response
flowcards.mrf.io/json/ 16 B
374 B 31ms
7ms Fetch
application/json 151.101.66.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://flowcards.mrf.io/json/active?site_id=391&page_technology=0
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-b3-traceid: 93dd3c98e28a49de941157196cb7092a
x-cache: HIT
mrf-cache-status: H
x-envoy-upstream-service-time: 0
x-b3-traceid-primal: b1e9a06d185845dcbe1a5c2ed5d580b8
content-length: 42
x-served-by: cache-hhn4065-HHN
server: istio-envoy
x-timer: S1660291747.662440,VS0,VE1
vary: origin
x-req-backend: F_origin_1_croupier
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 124ms
46ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1727861956&t=pageview&_s=1&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1708960723&gjid=1788754643&cid=1788308407.1660291747&tid=UA-41498495-1&_gid=1851300034.1660291747&_r=1&gtm=2wg8805XXKK2&z=148772444

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmk-202010011.1.js Show response
widget.perfectmarket.com/diariodonordeste-diariodonordeste/ 99 KB
27 KB 10ms
10ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/diariodonordeste-diariodonordeste/pmk-202010011.1.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/diariodonordeste-diariodonordeste/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcf719cd6c1893ef28246de19a56d2e900e3d3d64db739f2e8710fd0a002ce51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: ajpPHFnjf9PwUo8gwPgqxjRvzqIHOOtO
content-encoding: gzip
etag: "3e47f5b37f5efa28d6996943be401ec4"
age: 2066154
x-cache: HIT, HIT
content-length: 27705
x-amz-id-2: hVndIScVEf4c/8fDDAPtLUOOUOI3AoouWpizq67Q/mhfJpcoZIirZbpKsU26f+16r+dGAi+NVqA=
x-served-by: cache-lax10635-LGB, cache-hhn4070-HHN
last-modified: Tue, 01 Mar 2022 17:48:33 GMT
server: AmazonS3
x-timer: S1660291747.689841,VS0,VE1
date: Fri, 12 Aug 2022 08:09:06 GMT
vary: Accept-Encoding,,
x-amz-request-id: 6DRHA0QKE4M83SSF
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 63ms
22ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 328153
x-amz-request-id: tx2c2a7f1003e44e2d861b5-00629f4bc7
x-amz-id-2: tx2c2a7f1003e44e2d861b5-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTLT5QbqxdyALzd15sQTtbvKAu7dLGg6FJHew%2BR%2BBWFdAOd6K4TZ7ofNJRMRVmBiCM9RAaxCBK5GqFVSYUpY9f9jhPySZr4yDw0aAGBxd%2Fi4MZxMA3pt5kR5QC7oqKmxitdbcmC3HeAxmzIo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 7397ba194eab9950-FRA

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
577 B 212ms
109ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 168ms
133ms XHR
application/json 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f5d7b46894c7a7c8346953e909792a23a26f2f0955245e9b86e66c78c5978f27

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:06 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e59a5c53-38d9-4b48-8774-ac35789de7c0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 366 B
1 KB 147ms
50ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=278982&zone_id=1419332&size_id=2&alt_size_ids=55%2C58&rp_schain=1.0,1!premiumads.com.br,ad245932-5fbb-4643-888f-058ed0a9f623,1,,,&rf=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&tg_i.pbadslot=%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_HEADERSTICKY%23P_DIARIO_DO_NORDESTE_HEADERSTICKY_0&tk_flint=pbjs_lite_v6.10.0&x_source.tid=a8552db0-fcd0-41fc-a138-d9a116ecc9b0&p_screen_res=1600x1200&rp_floor=0.07707129094412331&rp_secure=1&rp_maxbids=1&p_gpid=%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_HEADERSTICKY%23P_DIARIO_DO_NORDESTE_HEADERSTICKY_0&slots=1&rand=0.6527810698171943
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a3e3d9d33cdfeffc09aad51cddd433962313b608e2131cc1c11fd783d2f89d13

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:06 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 366
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 hb Show response
ice.360yield.com/ 98 B
327 B 102ms
31ms XHR
application/json 54.155.185.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22155ed5749f9afd4%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22premiumads.com.br%22%2C%22sid%22%3A%22ad245932-5fbb-4643-888f-058ed0a9f623%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22809f7d616681f8%22%2C%22currency%22%3A%22USD%22%2C%22bidfloor%22%3A0.07707129094412331%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22596714%2C%22tid%22%3A%22a8552db0-fcd0-41fc-a138-d9a116ecc9b0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.185.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2ef3ed8f87316e8a92e315422bf8df5882356f37eb7caf02827106ca3de5f52

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
date: Fri, 12 Aug 2022 08:09:06 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
333 B 92ms
46ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.10.0&cb=19412053680

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
520 B 75ms
52ms XHR
application/json 35.157.139.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.10.0&referrer=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&tmax=2500

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.139.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-139-2.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:06 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type: application/json; charset=utf-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
382 B 35ms
12ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 151ms
51ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
55ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 1514ms
1442ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=1028625%2CMP2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=1&adks=1579567785&sfv=1-0-38&fsapi=false&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746797&lmt=1660291746&dlt=1660291745908&idt=792&adxs=1064&adys=5650&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7498b1b532c68224ba510b2edf4dc127fc8ea29d6610b004673702fceede760c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10487
x-xss-protection: 0
google-lineitem-id: 6083588621
pragma: no-cache
server: cafe
google-creative-id: 614796081276
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAF9 6 KB
4 KB 150ms
48ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:06 GMT
expires: Sat, 12 Aug 2023 08:09:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
19 KB 2842ms
2777ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=1028625%2CSLB1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=2&adks=3090499511&sfv=1-0-38&fsapi=false&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746805&lmt=1660291746&dlt=1660291745908&idt=792&adxs=250&adys=290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

cc013f3025c4fc822c5b66d7d50e498e087f24ba2032bcb7344932acae5b3138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19322
x-xss-protection: 0
google-lineitem-id: 6081340956
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138401005846
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
19 KB 1979ms
1919ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=1028625%2CRET1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=3&adks=2563766507&sfv=1-0-38&fsapi=false&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746811&lmt=1660291746&dlt=1660291745908&idt=792&adxs=1064&adys=2210&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

601d40b5ff3c27a70aed33f2c20f46451f980bc04ddfd209539b0e3b29452e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
google-lineitem-id: 6084240916
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400673292
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 2474ms
2419ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=1028625%2CMP1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=4&adks=2221311577&sfv=1-0-38&fsapi=false&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746815&lmt=1660291746&dlt=1660291745908&idt=792&adxs=1064&adys=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e58a12a18c5dc28037f867c2f97580b77507da05d33d84c9f88217a3c627b93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10449
x-xss-protection: 0
google-lineitem-id: 6083588621
pragma: no-cache
server: cafe
google-creative-id: 614796081276
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 302ms
251ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=1028625%2CRET2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=5&adks=1118732954&sfv=1-0-38&fsapi=false&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746818&lmt=1660291746&dlt=1660291745908&idt=792&adxs=1064&adys=4428&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a39e1e8127789e4fe37b6ec148d1018014664a2c5b33db875a40cff9740ce92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9146
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 2179ms
2132ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=1028625%2CSLB3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=6&adks=405032439&sfv=1-0-38&fsapi=false&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746823&lmt=1660291746&dlt=1660291745908&idt=792&adxs=250&adys=2122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

491ecd3d6d86ddabc55e5c8c46f07fe755eea98d1c8a9894f15d8b6a334a7c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10278
x-xss-protection: 0
google-lineitem-id: 6083745030
pragma: no-cache
server: cafe
google-creative-id: 614927399675
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 1686ms
1642ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=1028625%2CSLB2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=7&adks=298823652&sfv=1-0-38&fsapi=false&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746827&lmt=1660291746&dlt=1660291745908&idt=792&adxs=250&adys=1252&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

95cfc3316442f9adb3a53fc333d1308963143925f374f3de13fb1fb0732fe424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10715
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 52ms
52ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1727861956&t=pageview&_s=1&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1617025459&gjid=962304796&cid=1788308407.1660291747&tid=UA-210532949-3&_gid=1851300034.1660291747&_r=1&gtm=2ou880&z=649837954

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
455 B 77ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41498495-1&cid=1788308407.1660291747&jid=1708960723&gjid=1788754643&_gid=1851300034.1660291747&_u=YEBAAEAAAAAAAC~&z=265562113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Aug 2022 08:09:06 GMT
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 113ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3DESQCJNQ5&gtm=2oe880&_p=1727861956&cid=1788308407.1660291747&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660291746&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 56ms
27ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629794
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txd7867bfb0c694b9a9a020-0062a056be
x-amz-id-2: txd7867bfb0c694b9a9a020-0062a056be
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR%2BXfP7ksTrpL4Ocn7oaziJByMUDTDd5QzDsn26ZZT0IaunqCrt7UP7yyT8vt%2BLQ%2B6XMGyFvG93ccHDxt7iaMWAsTWLOxl53Or7Jj2titdl1J9grlbuAXcjMykR6H97%2FUHNOKH1i4Kbo3fu2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 7397ba1a6add9030-FRA
access-control-allow-headers: Authorization

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
453 B 147ms
137ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=82438&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b11d5ec13e533456af439018e0c1c5e4ba8a7d369bed2e50cad5ef0bf3b7c87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Aug 2022 08:09:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7397ba1a49a95c62-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Fri, 12 Aug 2022 09:09:06 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 172ms
66ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41498495-1&cid=1788308407.1660291747&jid=1708960723&_u=YEBAAEAAAAAAAC~&z=846062254

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 173ms
62ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41498495-1&cid=1788308407.1660291747&jid=1708960723&_u=YEBAAEAAAAAAAC~&z=846062254

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 371ms
370ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220353504625144&correlator=1988296830738284&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&iu_parts=75894840%3A1028625%2CDIARIO_DO_NORDESTE_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C1000x90&ifi=8&adks=614391757&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.40&cust_params=pp_premium_lazyload%3Dfalse%26url%3Ddiariodonordeste.verdesmares.com.br%26categoria%3Dhome&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1660291746963&lmt=1660291746&dlt=1660291745908&idt=792&adxs=315&adys=1095&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1000x-1&msz=1000x-1&fws=512&ohw=0&ga_vid=1788308407.1660291747&ga_sid=1660291747&ga_hid=1727861956&ga_fc=true&cbidsp=CqwBCAESFAoNc21hcnRhZHNlcnZlchDaASACEg8KCGFwcG5leHVzEMEBIAISDgoHcnViaWNvbhCzASACEhQKDmltcHJvdmVkaWdpdGFsEHogAhIMCgZjcml0ZW8QdiACEhAKCnRyaXBsZWxpZnQQcyACEgwKBm9uZXRhZxBZIAIYAiIkYTg1NTJkYjAtZmNkMC00MWZjLWExMzgtZDlhMTE2ZWNjOWIwKgIIA0DEEw..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d73564f54dbbac7a8666c38fba318891b275fa2416263715bd3ec0bb34a5e7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9351
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 46ms
45ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7397ba1acc066958-FRA
date: Fri, 12 Aug 2022 08:09:07 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2102
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Sep 2022 08:09:07 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
78 B 150ms
141ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=113571252e7eb10d9cbd653b9c10%7C0&acc=82438&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7397ba1b8b5e5c62-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=73911051566
https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=73911051566&google_tc=
https://sync2.navdmp.com/sync?prtid=2&id=73911051566&google_gid=CAESEDndMk6ROqZJVR4LMmgYsp4&google_cver=1

6 B
58 B

147ms
138ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=73911051566&google_gid=CAESEDndMk6ROqZJVR4LMmgYsp4&google_cver=1
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7397ba1d0d855c62-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=73911051566&google_gid=CAESEDndMk6ROqZJVR4LMmgYsp4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=6a8762f6-0aa3-4a00-902b-439c278e6ebf

43 B
130 B

472ms
464ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=6a8762f6-0aa3-4a00-902b-439c278e6ebf
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 7397ba1d2da75c62-FRA
content-length: 43

Redirect headers

Date: Fri, 12 Aug 2022 08:09:07 GMT
Server: MT3 4475 c1dc35a master hkg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=6a8762f6-0aa3-4a00-902b-439c278e6ebf
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 12 Aug 2022 08:09:06 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
123 B 126ms
37ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H3 200 container.html Show response
90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BF1C 6 KB
3 KB 125ms
47ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:07 GMT
expires: Sat, 12 Aug 2023 08:09:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 02FB 624 B
733 B 135ms
50ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWg-KIoHNmtfU1yJkqw_DwpeM76_OziYDSu38rK49GU6giqzU95i38K2VyGLqqNF8qEKMDgGAXicgIROrYfynH4gfQKmHNmh72hULBELbP4W1VAYL0IALDZvtP6iutpTwWhCo27bM-dPDyKLERbIJrdlXA6fJ2C91mNrhDAFK4ACNI5hms

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF1C 85 KB
35 KB 180ms
95ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIcSppfRKfPvkzcNI2-5CJ_TYW3DCjsOuPhc914Is0CsMM55nyVrDArl8PGsTEW8TjYlqXQAZh26fNR7sX26NuG3eY_Q-U9b_ZqZ5I-aZuaC_BzReaVXnWKDBztdlMIyydK3aHSXOhXt4Ic2StjovyJ4zZvQ&dbm_d=AKAmf-CJRh0iS16WMrEb6wsX-LfXxw-4SNqxE5Qc_4Gx3v6qC0RYYcSBNHpr2S1sUMRBhnpnOnfEZCU_ymBuZGK4SQWm6GSuAXH5AT8Hq3ZNNe2UqPl4xdEP-t5vqxT0TD180ovOssNWSYol3krbqcURswtxSrl8xQy8ct5MJJVbaqmYYVBqmLDu4pqzFNhfEV83lKUths8G8EHU_OCRQw1rdrbyl07kzlmiTqTSQQCgs8lhbtrZj1HPTNUJPU57VO2ZutD96fttCAK2Sfq_F0J8pVWcLtKo2AwcFTKD0aYbbO7WuLPCPgSV36MfQrktLrGFGgcA9fxlmqfVPycBsq85NyL0PPV2SbdLqxx7C_rBJjaupsIZIU88OfXEY6sl2dzO1harHtr7EZH1tRb7p8-P6sOu1O9sFCYMEDtREublO3kk5sVaRzmJ1X9vAStuQlUPrSFcjiCA9s3Dtpv5EE3osZO-qTfQFWaVLpeLPSgCm0uM2rdMrJI5356exbXYC6cYZP_sVw8Mm1rIOLqU97mZoz1LyJFgqJYCLNDHn_9tlWXQoZFEJW8yCu9xscHAd9Blt9gR86sUPUnYMb-ubkxMgLJxNtKbLZLGZ9CycKtbgjjOkKJMRQm4Esm_VUpDgafD5nt5e_08oUZyDyrsZOmZ4Zao_-nMNK6nmSRjWn7MlR9GgwOw0R7tHYbRW08_Suied-Hv805SsBFaBOaWfI6-lE2DMuvwMRdGxXK2PcuqJKp7Qb63OyW85jYamecXjaroBQTuyjtHHd9sHELbOHwN_0Pu_X9xGlTSlg7P13pF2LCGYw2dQvZcJWUKy7ciGmHhCeXlVq3VK6u-ZI1P-gnDM_FWwMwwaqTzl_a2M1i4TJKna89q33lMl1oE_j-cY9zltbiwVVSJCF1yLOv2kjZe2IVOBtnsJJeeUij1i8qmfScfotJIkqwdTDKKuYYbvKRuKFCeYyG3xUvS52EBpho6d81qsCsz9IoXIKUDFcSoG-0pA5ViBJUFEW3NJUzUtyBC1HRoJS5ikGuEP5YBgQXMYHwdxZ-aAvjFsKF9X1tBjJcfTsxFWD8iEwzSccmZOCS1Xk1zXRmlcJvVSVJqNh_j_yQVkZVkqFlZ2RlYufeDp47bQAc0YSgBA_CM-DF5YYoomd6PLJHZOlvgdQ49JNNuClB_ngDE6hAiCxdbXPwAZLkOzjRIeY1Kaj4ijWgK-0U3GY2G5GyL_h8tN670g2vqkRamAabHiuE9L9yJ0wGjKbIa-Rm369Auu0e5ZYjc7NE8QtWnboz63qMjW3JoCCtTo9oZpXVmWU6qUQy7v-hYUljTj1AGAb3N8vthxeeLdZLIXClZqMHi9ZOvmt0XRIO16Fz4ZSz4ZFIeFse-WOP5a7f0K6uRmiE_I5ZLAmDiW99LY01cI_gcAnpFx-6tY_-CjL1MlgvPRhlFJD7a8XDI1_AJ-XZE7Hhvd7yrlRxNBbGvvSdXoVQjmp-w1JxDb998rFZDJ-qERnbkjDt_dwwG3fz96nK8LL8tbKutR4_bXjJkudMDbhshASa3GvpiT0gXQJUsRtSLbz9veN5n-KwSrk-AuJP52tjMbgJisQEyC7w89AtYge3edKyZqoA6FzNzvir7auVY4qwcF_GbW_hH_7IE9yjztGc9UA4FkNUeIk11jtbgiK2Dq98PVRPWeehz3wy2NnOwHF58p5dB__SkGNjaNUgg75917mVxX71b29aZmCmDuAqnl3FVi5wLnlGHWQQUwW1nuhXs5OaPXC9cqG9zfc4XECatqz-gJ-mjPBBbkRpPYzLUviziUCKfNJe4k3eQybHbW_YTCNlrEBEK7S592zCLDvH8Ao-JHACtYb4iG9woCsqB2BAjz-9HXsdWQYkBtQLyjdpn9s6O6D6ASKpXR-hBx_pUTFm9cgH_QhYyXo_6VfVIS4bM6A4joX7E_NKTL6GscN6-05rk_OlGkws5wjE2TbVaVOzh4Jr-FH1WoKgZWSf0hMqVdU4az6lThrPfJNi872Xf3Dg-CQrMLX7QdXF_-kvGvLo2AqPPRJUFZNhcG8SSzD9AJ-jW7M0caa4dis3Kd1FitXSITVv3an6dHykDDmgnBmJNWZpJ02BlvtcEK7wHmx6Xxu-lD4eQf6cypdv3CxzRsXbyWiSz9P4-KxAh9BBhK8RLKd0I24lqIrIEjVVWPVkfCswY4JWkwH8tPzdDCQUr3MG9QeZfZw7qOA_-wlLzzjPpR9C8H8XYxiGND1EpOjXT1cir9s_1HfB6z6WDYcEmskgn16uq5mf5B8Xv7Bv0rLqRgJAinVpBi5VfrS2raXwaXopMsztLYe21J83465gLiYUOW_PaaWiU4_KtPqL3LuM-fnsf5D8CCW7lpSDQvMG7txONcRxKWfU1hdHlPRiNGQ2ZdG2wA8iFlk6hznMsw0fl4LsZBfXW6cSn8VWz3-iqE7hmow8HMFyZQBEUI0cpEJTLuJREwhfBskx0ExfB3J__g5WhGhB9uAvy8RjgPM4m6ARrTzjeSH9TtkCo8OZuPagyZlupU395f-I0T2Jkm552hU3cdecd7WJ_ubWDYgzndPXiGNBRu5S96uqKRBbVVtPYpXkzgGwZjbwIZGkGwrsUVHwn1Ald4eoHbQwf4CKwDHBL9pWSQcuO1Vf2TS4X33fZWQ4XyW7yDf7gS23gnmZ5GlR1spbppX_uk0KDquoEBXBkks1Jh66zvmYU5cZ_6uPp4sNz5_T0EbrzACeFc20nIklZ71l6EWgE7ohemK7z7FUY4dLB46D7gHxx9eSHKFkIRDLuVxEdDJSUWqUwp2ncRA2fHcHHqIQddI4K2rdWvr5uLB8gkbo1UtK-T2UQqkgKaYR5MRXg5wF1nRSkdtUJJtDKnxxlD06m-yqIimvuutBhVxKh9qE16WdR1mAhln4wPeeYgFpab2yp-iTB-v9FEuwLc2BSNzCQBHFji_2LUGOl06r3HA7RTyPpRAV2jG1zRO94_8aRwmfQ6VSz9n1-3bN32CKZwAxDmtWrYiCTlCyFSchNBw1p_AZO8JlBAJo9gvNEvC3H3GR5wPubBfr8aPTxKYwgqmCUIo1Gqs46EF3cKQz-IF-80EtY9bYdLDSzIWZy8fvZo9dNVfikOrQRlCIWnfRIb6WCV7u4gsIF5gtCwOvfhD1AQWTwzkfNaCOdZeA034CFPe3gZAmSjybCHf78bcwF7FsiZ16e5-zNPcybScAYbXwNA8l9wx8NDPRjE5FPWKm8gYZOgQQfFhedPrCRp56LhQwvQFLQ78v540agK95aBS59XOpysbyO1IeZG9qfSh1L35DLZNxUVZ8yBPQR83cOeyMG53jh4H2w-T0WOV18BHF3E5uqI2U-p0uiUswsHy7rmZMUnGEd-VF58hr6lDC7XMMvB220mCd4HbdpcNa27uGChqUND99k7jF8z7151HE8q5rKTczh2fMr_vRF9p4BW3cCCcZggml5BYla7DdIcj85zglJy3rYtkcwOv5v2SjZCRXNUFrGdEmIomdChv11G4653XakdSu4ug4GjukfxDNl_OQbbb9lsN2ehe7lelgMjnHUmF0K_LJL769ftLsozMThFPkbw82TFz3mqxem8rSfkXmK1qBJHQpIy-Pb68MSkjr6Q4WBGF3AzB9kPzdHNgkZGuNOnuajBGEI8UfuFfjLVkWrbQ8Ltl-1582aYyQ4-Unu7tvaVYRcbjMQe-GoKlbU9FTcPRv7-RVAyEW7AunRea4zJaDe8_9EkhM6yYeHfkwyStD64F1KHz2_wzIdVERr_iNJTLcunxKAra6YsQsHpvFH4g&cid=CAQSLgCsnQUxDwGQ4Vn2yFBd7XNIrLHG98PZlKEx5qE00EZopdMXvOpgYRV8F5RsRZI&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

904d8ea3f910f23afed505007751494875a041e9be8d675d1c0c79a705516fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF1C 42 B
494 B 160ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYjRLYcV20c-Dw3JjM2OP3DVx01vdL-A2huiq_B5PoLOXf_vAgFmyjBq0tl0fqqRPiMPtsmkOdxHIJujCqDbEN-QcHykJTuYgfhhuZNaR8A8rbyqE

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame BF1C 3 KB
1 KB 125ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:31:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF1C 140 KB
43 KB 136ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 08:09:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame BF1C 17 KB
8 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:57:48 GMT

POST
H/1.1 200
OK ingest.php
events.newsroom.bi/ 2 B
844 B 13ms
13ms Ping
application/json 188.40.92.96
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryrLfyda0t0gKyPCLW

Response headers

date: Fri, 12 Aug 2022 08:09:07 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 02FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1&C=1

43 B
905 B

53ms
36ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWg-KIoHNmtfU1yJkqw_DwpeM76_OziYDSu38rK49GU6giqzU95i38K2VyGLqqNF8qEKMDgGAXicgIROrYfynH4gfQKmHNmh72hULBELbP4W1VAYL0IALDZvtP6iutpTwWhCo27bM-dPDyKLERbIJrdlXA6fJ2C91mNrhDAFK4ACNI5hms
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7397ba1f49878fd6-FRA
pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHHtza6oS8PO21t8re64tue5Dl9LVnZAvrJpvQ1bpgiDRQj%2Fhr1kacr9nSBuMAsJpv3xQVTGtTxcRrt7GsMVkIh%2FlVNNaFt4pUciMAM52y8P9qABOrqb2BtkFumuXwUqkpuIYEVhpzYIzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRCeuwgK41veo8fduhgv59FUegAQkYukEA5vYfxQF0Tf%2FPowwKY55gQBUvCsTmCIZiE8r%2FZiQ2P4eM%2FdKDSFlyPsJ9g5m0F5Wn6aH4CQRTxWCgxdUi4AKVv%2FwbQTqzSrEhr%2BgPeMfsDzJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1&C=1
cache-control: no-cache
cf-ray: 7397ba1f0b83923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 02FB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvYKoz6xdjM0phSLPgir1AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1

43 B
907 B

29ms
29ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWg-KIoHNmtfU1yJkqw_DwpeM76_OziYDSu38rK49GU6giqzU95i38K2VyGLqqNF8qEKMDgGAXicgIROrYfynH4gfQKmHNmh72hULBELbP4W1VAYL0IALDZvtP6iutpTwWhCo27bM-dPDyKLERbIJrdlXA6fJ2C91mNrhDAFK4ACNI5hms
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 7397ba1fca298fd6-FRA
pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wbGbwTPFPDAEvs8dfViFw08d4MyfXyFn2%2BR77a%2Bq8gnZplM3aWyDNphQJEVDi3MsvX3NulBJFWz9S0pQbAc5BCx0jmrKnhjWyIRPnBsCmNBtyS7DHKiOdTwhKGONdj6e7n08tJHk3lOeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhNaAD5imtpHZWwhtenNWY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 02FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFtcLGlCZ0UlRLFHTNTC-d0&google_cver=1

43 B
1020 B

16ms
16ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFtcLGlCZ0UlRLFHTNTC-d0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWg-KIoHNmtfU1yJkqw_DwpeM76_OziYDSu38rK49GU6giqzU95i38K2VyGLqqNF8qEKMDgGAXicgIROrYfynH4gfQKmHNmh72hULBELbP4W1VAYL0IALDZvtP6iutpTwWhCo27bM-dPDyKLERbIJrdlXA6fJ2C91mNrhDAFK4ACNI5hms

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:07 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 06b1082b-d45f-4afd-8345-6cc643dd06e6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFtcLGlCZ0UlRLFHTNTC-d0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 02FB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYyMDg1NDk3NjE0ODM3MTQ2OA%3D%3D

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYyMDg1NDk3NjE0ODM3MTQ2OA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:07 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8e551682-1977-450a-85a8-09439a736fee
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYyMDg1NDk3NjE0ODM3MTQ2OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BF1C 106 KB
38 KB 158ms
38ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Origin: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame BF1C 8 KB
3 KB 111ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIcSppfRKfPvkzcNI2-5CJ_TYW3DCjsOuPhc914Is0CsMM55nyVrDArl8PGsTEW8TjYlqXQAZh26fNR7sX26NuG3eY_Q-U9b_ZqZ5I-aZuaC_BzReaVXnWKDBztdlMIyydK3aHSXOhXt4Ic2StjovyJ4zZvQ&dbm_d=AKAmf-CJRh0iS16WMrEb6wsX-LfXxw-4SNqxE5Qc_4Gx3v6qC0RYYcSBNHpr2S1sUMRBhnpnOnfEZCU_ymBuZGK4SQWm6GSuAXH5AT8Hq3ZNNe2UqPl4xdEP-t5vqxT0TD180ovOssNWSYol3krbqcURswtxSrl8xQy8ct5MJJVbaqmYYVBqmLDu4pqzFNhfEV83lKUths8G8EHU_OCRQw1rdrbyl07kzlmiTqTSQQCgs8lhbtrZj1HPTNUJPU57VO2ZutD96fttCAK2Sfq_F0J8pVWcLtKo2AwcFTKD0aYbbO7WuLPCPgSV36MfQrktLrGFGgcA9fxlmqfVPycBsq85NyL0PPV2SbdLqxx7C_rBJjaupsIZIU88OfXEY6sl2dzO1harHtr7EZH1tRb7p8-P6sOu1O9sFCYMEDtREublO3kk5sVaRzmJ1X9vAStuQlUPrSFcjiCA9s3Dtpv5EE3osZO-qTfQFWaVLpeLPSgCm0uM2rdMrJI5356exbXYC6cYZP_sVw8Mm1rIOLqU97mZoz1LyJFgqJYCLNDHn_9tlWXQoZFEJW8yCu9xscHAd9Blt9gR86sUPUnYMb-ubkxMgLJxNtKbLZLGZ9CycKtbgjjOkKJMRQm4Esm_VUpDgafD5nt5e_08oUZyDyrsZOmZ4Zao_-nMNK6nmSRjWn7MlR9GgwOw0R7tHYbRW08_Suied-Hv805SsBFaBOaWfI6-lE2DMuvwMRdGxXK2PcuqJKp7Qb63OyW85jYamecXjaroBQTuyjtHHd9sHELbOHwN_0Pu_X9xGlTSlg7P13pF2LCGYw2dQvZcJWUKy7ciGmHhCeXlVq3VK6u-ZI1P-gnDM_FWwMwwaqTzl_a2M1i4TJKna89q33lMl1oE_j-cY9zltbiwVVSJCF1yLOv2kjZe2IVOBtnsJJeeUij1i8qmfScfotJIkqwdTDKKuYYbvKRuKFCeYyG3xUvS52EBpho6d81qsCsz9IoXIKUDFcSoG-0pA5ViBJUFEW3NJUzUtyBC1HRoJS5ikGuEP5YBgQXMYHwdxZ-aAvjFsKF9X1tBjJcfTsxFWD8iEwzSccmZOCS1Xk1zXRmlcJvVSVJqNh_j_yQVkZVkqFlZ2RlYufeDp47bQAc0YSgBA_CM-DF5YYoomd6PLJHZOlvgdQ49JNNuClB_ngDE6hAiCxdbXPwAZLkOzjRIeY1Kaj4ijWgK-0U3GY2G5GyL_h8tN670g2vqkRamAabHiuE9L9yJ0wGjKbIa-Rm369Auu0e5ZYjc7NE8QtWnboz63qMjW3JoCCtTo9oZpXVmWU6qUQy7v-hYUljTj1AGAb3N8vthxeeLdZLIXClZqMHi9ZOvmt0XRIO16Fz4ZSz4ZFIeFse-WOP5a7f0K6uRmiE_I5ZLAmDiW99LY01cI_gcAnpFx-6tY_-CjL1MlgvPRhlFJD7a8XDI1_AJ-XZE7Hhvd7yrlRxNBbGvvSdXoVQjmp-w1JxDb998rFZDJ-qERnbkjDt_dwwG3fz96nK8LL8tbKutR4_bXjJkudMDbhshASa3GvpiT0gXQJUsRtSLbz9veN5n-KwSrk-AuJP52tjMbgJisQEyC7w89AtYge3edKyZqoA6FzNzvir7auVY4qwcF_GbW_hH_7IE9yjztGc9UA4FkNUeIk11jtbgiK2Dq98PVRPWeehz3wy2NnOwHF58p5dB__SkGNjaNUgg75917mVxX71b29aZmCmDuAqnl3FVi5wLnlGHWQQUwW1nuhXs5OaPXC9cqG9zfc4XECatqz-gJ-mjPBBbkRpPYzLUviziUCKfNJe4k3eQybHbW_YTCNlrEBEK7S592zCLDvH8Ao-JHACtYb4iG9woCsqB2BAjz-9HXsdWQYkBtQLyjdpn9s6O6D6ASKpXR-hBx_pUTFm9cgH_QhYyXo_6VfVIS4bM6A4joX7E_NKTL6GscN6-05rk_OlGkws5wjE2TbVaVOzh4Jr-FH1WoKgZWSf0hMqVdU4az6lThrPfJNi872Xf3Dg-CQrMLX7QdXF_-kvGvLo2AqPPRJUFZNhcG8SSzD9AJ-jW7M0caa4dis3Kd1FitXSITVv3an6dHykDDmgnBmJNWZpJ02BlvtcEK7wHmx6Xxu-lD4eQf6cypdv3CxzRsXbyWiSz9P4-KxAh9BBhK8RLKd0I24lqIrIEjVVWPVkfCswY4JWkwH8tPzdDCQUr3MG9QeZfZw7qOA_-wlLzzjPpR9C8H8XYxiGND1EpOjXT1cir9s_1HfB6z6WDYcEmskgn16uq5mf5B8Xv7Bv0rLqRgJAinVpBi5VfrS2raXwaXopMsztLYe21J83465gLiYUOW_PaaWiU4_KtPqL3LuM-fnsf5D8CCW7lpSDQvMG7txONcRxKWfU1hdHlPRiNGQ2ZdG2wA8iFlk6hznMsw0fl4LsZBfXW6cSn8VWz3-iqE7hmow8HMFyZQBEUI0cpEJTLuJREwhfBskx0ExfB3J__g5WhGhB9uAvy8RjgPM4m6ARrTzjeSH9TtkCo8OZuPagyZlupU395f-I0T2Jkm552hU3cdecd7WJ_ubWDYgzndPXiGNBRu5S96uqKRBbVVtPYpXkzgGwZjbwIZGkGwrsUVHwn1Ald4eoHbQwf4CKwDHBL9pWSQcuO1Vf2TS4X33fZWQ4XyW7yDf7gS23gnmZ5GlR1spbppX_uk0KDquoEBXBkks1Jh66zvmYU5cZ_6uPp4sNz5_T0EbrzACeFc20nIklZ71l6EWgE7ohemK7z7FUY4dLB46D7gHxx9eSHKFkIRDLuVxEdDJSUWqUwp2ncRA2fHcHHqIQddI4K2rdWvr5uLB8gkbo1UtK-T2UQqkgKaYR5MRXg5wF1nRSkdtUJJtDKnxxlD06m-yqIimvuutBhVxKh9qE16WdR1mAhln4wPeeYgFpab2yp-iTB-v9FEuwLc2BSNzCQBHFji_2LUGOl06r3HA7RTyPpRAV2jG1zRO94_8aRwmfQ6VSz9n1-3bN32CKZwAxDmtWrYiCTlCyFSchNBw1p_AZO8JlBAJo9gvNEvC3H3GR5wPubBfr8aPTxKYwgqmCUIo1Gqs46EF3cKQz-IF-80EtY9bYdLDSzIWZy8fvZo9dNVfikOrQRlCIWnfRIb6WCV7u4gsIF5gtCwOvfhD1AQWTwzkfNaCOdZeA034CFPe3gZAmSjybCHf78bcwF7FsiZ16e5-zNPcybScAYbXwNA8l9wx8NDPRjE5FPWKm8gYZOgQQfFhedPrCRp56LhQwvQFLQ78v540agK95aBS59XOpysbyO1IeZG9qfSh1L35DLZNxUVZ8yBPQR83cOeyMG53jh4H2w-T0WOV18BHF3E5uqI2U-p0uiUswsHy7rmZMUnGEd-VF58hr6lDC7XMMvB220mCd4HbdpcNa27uGChqUND99k7jF8z7151HE8q5rKTczh2fMr_vRF9p4BW3cCCcZggml5BYla7DdIcj85zglJy3rYtkcwOv5v2SjZCRXNUFrGdEmIomdChv11G4653XakdSu4ug4GjukfxDNl_OQbbb9lsN2ehe7lelgMjnHUmF0K_LJL769ftLsozMThFPkbw82TFz3mqxem8rSfkXmK1qBJHQpIy-Pb68MSkjr6Q4WBGF3AzB9kPzdHNgkZGuNOnuajBGEI8UfuFfjLVkWrbQ8Ltl-1582aYyQ4-Unu7tvaVYRcbjMQe-GoKlbU9FTcPRv7-RVAyEW7AunRea4zJaDe8_9EkhM6yYeHfkwyStD64F1KHz2_wzIdVERr_iNJTLcunxKAra6YsQsHpvFH4g&cid=CAQSLgCsnQUxDwGQ4Vn2yFBd7XNIrLHG98PZlKEx5qE00EZopdMXvOpgYRV8F5RsRZI&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:48:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame BF1C 30 KB
12 KB 108ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:43:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF1C 41 KB
15 KB 112ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame BF1C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c123c7fd4a10cf634f57f792038475e28a401ed8ae381f3b069751e5f9a66ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame FBDD 6 KB
2 KB 121ms
42ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 122781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2318
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 22:02:47 GMT
expires: Thu, 10 Aug 2023 22:02:47 GMT
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF1C 0
622 B 158ms
76ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSYdJZ_I_a580UBdBdeR2q0a-TSJ299jVQHo0MAMDHQebqreXmi1RtSzClK793jgFLl7RXXJohgHPXPu-_4vwLXrYmVT4-O2FWqJ18ANwjqTICef_Kj6Ff8jPOCZTgV1pSzQoC35SdZoS2Tv24CSdfCbXcH6P7IolDl6m6oSCsPoqa_p6_89CF028u_hnz4EU21zWlxTJ_vXY0j3JfmVdwdJegE5X81AavRqvOSld6Zw7xMT7nnTpMhrlwXbCXuPAcDBWVQVyJztBchzV9pXOfKzikvi1GKXFIJNhS983zlSt4D9M33VwzFtRE20cqk0TL644UbPQ497FHcd-OJrQWH_7hqk8Nr7A1K07WdvjdUnN278tNA6MW2AisB5qn5Dz5wHQN2QCDA6Wjogib1iaqWDsNB1FdaQI-CoUgrb2Pz7qLcBpfm41bB5_bFFM1GXiR8F6wvyck3EakaNh6AR1OruF8zIkSf10RPTA1KRfkobPKODF9yrtI-ARktLW-Q7tjs1aCstdoalJO2VYNwQTAf2mOVfAB-CqCcnzlYNEMl4blz9flqgsQldu5NE8CsSG_RBzGx0s6LWLcExeHiBdB_IHA3hEncSGShS6jxzYGs13sbPcBbNnZyTQh50mp2FevU66ovZ6lwkhczNOFTYG7ExN1uuaEBEB-Q4abDhQcKu0lJS5kXpcqYKZ_Rg7xuyyNgO7c8lXlMmYsGUR8i43LA-Hru3GQDj1ECHPNkaopLVKFuH1DiGevtvPAz7Q5J2A3oXSyNIzA2u85qJbEpL3gITBLQMwGE1Plk1fdsTcWzkT8-3MaZUmeatVIpYRqIyD3i2bPNQjjP4WvfDlKe3CUYqK0Q1n5sSUmBrFM_XRJNcOk_jxxJEmru1Gvm2Xa3Uz5cqC9utbUnxXIsFdP7hCLVlNN_5e27YfpQ6ti7tqc7WugHJgIYEssDrjAh67w7HugiKaXrN7KT_aMcpjJ34exCwbo8XtyY3MxHK11bFtg972P8Sqr4Tz1FqqBvc2FQcNtv9mU3-HPFKXHoA5HgTNigibnUippDrUloKqSrpVEY2d_M5GcYak6lMVnEZkmKLGxtSHx_tihfmNoOcB21NA_MO2ciZ1QkGzAb5fJFZiR9FwFnhJ7Ez8_nD2qrq-4xmN0diQcAHV5IuhM64szi2CPn9Mf2fVTrBxuXezZdmJ7OUJrXCEOzBZoYKWKlukHHjSch2hoOpHZAuv9YXx5vgMQYIQma3HOoP1kC3YvjwOjcYcvUjvfORcak5BAwOlgKcVsaky84V_npOCQpn7jE9jtW77skDjtPGpVyNM-uSqYE9fP-lYmEqEEpcon9J0VYGqKjeGYwLfCLPHYZyjfi5OHrMdwZfsleEUyj0FWhlB_h4JR5O6Gd5gogjTP0sz9W602ivOKMIFT-dBYp8WWe0dntFEk1zyNJmBBYo1yXTIH5LO2XotYqBAm-D9EloH7WI9kN8HRPZkT_lwXv8D4OJt5kKkdVvwrX7o-eH3ykDXzME0&sai=AMfl-YS2ajT_pgiNMzOZQ-2UQTz_4cbjYN_FeMMnuKlPGS_KyyLsJyLslBdKLDmy3_AmKD3IXAGNI8K0EDUta-7sgGqQrnPAic_EH_JdtuF0VEIPwAvHSqjeeEpPBJY762AyfLLhSrRv_Q6bGVglltoLiCDzUv-gzq2KpWfNJweaxZ7zMojO8MjpCh0X3zpkg3NaYW3_EHVCDIfj-_3eykconLWq66vT5CswyJAyi5eB-Y1R_EUk821ZA9H_8x78i8MH&sig=Cg0ArKJSzGAbshV6CA7rEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=215&cbvp=1&cstd=213&cisv=r20220810.18284&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 12 Aug 2022 08:09:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F3B 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 07:50:57 GMT
expires: Sat, 12 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F3B 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:42:27 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FBDD 236 KB
63 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Aug 2022 08:09:08 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame FBDD 23 KB
4 KB 40ms
40ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4226
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F3B 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkFUQowr2YvPFJPC6x_AP-peQ2A4AAAAAOAHgBAI&bg=!2Nul25_NAAa4hXTbmIU7ACkAdvg8Wphm6l8jlduBIVowg2ehT8n8T9rft9sI85wqL3M6nHj6LJhv9AIAAABQUgAAAANoAQeZAy2zYDZeBgov82B6s59gCFzZ7qiJ7J3F_pDS2UwYrzDR9mShcNxvNmZ2JKVooXTjiWOuQQ_TgLjPvFdBPnu_yjFLy3SeeUWiT3V-Xo4NCBANB3_lBpMJvtfM_T6CJkOvJyGtPPFH5mRJim3VCtdUSecJm3WkPSC_pmT2u2xykHKa8Qo9kvAnRQanP5d_1OD3tBSKecBPDFB07OzRXLQTKHYBEarYXlnPGLoxfCk393S98jKZFH8Hmiyq1viiuZUPmsNbkJ2CvPeM976FeTAkzjxjLbsOsz13-HFeR54L4NvyPZIU54DHVnj_sRtFYPxRlSR8_TxhWo1AvupW9IAF1rh9MHt-5s195XM1H2SHHcg7dDIuaN4gV-rVxrdUBtELPjP-GfmBJeMe8AP86BkZhgAwYwEgrdKkBTd6VZkU9Fxxq0IZjg7glqm0u3qO6N27OSn1UyTW1bTaZk56WSJtvorp3k17IrM0WcPHWswBAHP2DDO-kbjwaU1NghGSaXlE0eNUuOad_iDYBEdmbaag8CPYHvDHvRoj7W9l8PQiR5SNMtaVwoDuvgUm3tx53BK1b4f_yb2RUe5t4wR9OCAywM9WdEwr_maU6kWlEfhMHgkZ45S_sCRXDBc-Lm9KWxcqKPtLRBacV0DM3-p0f0wS-PdXVqyWKX-nONPqH-KOAuqbUPraCFHvANUGjaVQtOqmY3jJobjrmI4GV1-ptYzFJJqNsmzBTe0RMGT6lnAhQU4s1w6WNq03ydn5Vaqg_gMSjiETn4FP6atse8P00aSeZkNidWkRJTzPd0QAyt_texoLj-xS2jRmP2LgvwDvmzFpvFZIsbuJ8FD9LHhWlmFipFtt5FZVArW65a-3geD0a__rxMlxdM_Ioe8VTK3a6g4avW1ARyCXhgCENRSlPptJzWsfBtjr5NJYdkgNpBNc_P6PnD7I3QW-Z32oyEVW0ZDRJWiCQrV4ZOBJDZGO0cqeOCx6UXgHJYOhEFRuNPCTILZDKSMzi6cueZfCvTCuGzvFmMmXKimc4XReCDvxYVm99UzCT4FQQ9P4mPWt29QJVFd3YxESw-wxohID_RuTkOk

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bgrd.jpg
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 9 KB
9 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bgrd.jpg

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 12:08:04 GMT
x-content-type-options: nosniff
age: 417664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8938
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Aug 2023 12:08:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF1C 0
26 B 136ms
70ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSYdJZ_I_a580UBdBdeR2q0a-TSJ299jVQHo0MAMDHQebqreXmi1RtSzClK793jgFLl7RXXJohgHPXPu-_4vwLXrYmVT4-O2FWqJ18ANwjqTICef_Kj6Ff8jPOCZTgV1pSzQoC35SdZoS2Tv24CSdfCbXcH6P7IolDl6m6oSCsPoqa_p6_89CF028u_hnz4EU21zWlxTJ_vXY0j3JfmVdwdJegE5X81AavRqvOSld6Zw7xMT7nnTpMhrlwXbCXuPAcDBWVQVyJztBchzV9pXOfKzikvi1GKXFIJNhS983zlSt4D9M33VwzFtRE20cqk0TL644UbPQ497FHcd-OJrQWH_7hqk8Nr7A1K07WdvjdUnN278tNA6MW2AisB5qn5Dz5wHQN2QCDA6Wjogib1iaqWDsNB1FdaQI-CoUgrb2Pz7qLcBpfm41bB5_bFFM1GXiR8F6wvyck3EakaNh6AR1OruF8zIkSf10RPTA1KRfkobPKODF9yrtI-ARktLW-Q7tjs1aCstdoalJO2VYNwQTAf2mOVfAB-CqCcnzlYNEMl4blz9flqgsQldu5NE8CsSG_RBzGx0s6LWLcExeHiBdB_IHA3hEncSGShS6jxzYGs13sbPcBbNnZyTQh50mp2FevU66ovZ6lwkhczNOFTYG7ExN1uuaEBEB-Q4abDhQcKu0lJS5kXpcqYKZ_Rg7xuyyNgO7c8lXlMmYsGUR8i43LA-Hru3GQDj1ECHPNkaopLVKFuH1DiGevtvPAz7Q5J2A3oXSyNIzA2u85qJbEpL3gITBLQMwGE1Plk1fdsTcWzkT8-3MaZUmeatVIpYRqIyD3i2bPNQjjP4WvfDlKe3CUYqK0Q1n5sSUmBrFM_XRJNcOk_jxxJEmru1Gvm2Xa3Uz5cqC9utbUnxXIsFdP7hCLVlNN_5e27YfpQ6ti7tqc7WugHJgIYEssDrjAh67w7HugiKaXrN7KT_aMcpjJ34exCwbo8XtyY3MxHK11bFtg972P8Sqr4Tz1FqqBvc2FQcNtv9mU3-HPFKXHoA5HgTNigibnUippDrUloKqSrpVEY2d_M5GcYak6lMVnEZkmKLGxtSHx_tihfmNoOcB21NA_MO2ciZ1QkGzAb5fJFZiR9FwFnhJ7Ez8_nD2qrq-4xmN0diQcAHV5IuhM64szi2CPn9Mf2fVTrBxuXezZdmJ7OUJrXCEOzBZoYKWKlukHHjSch2hoOpHZAuv9YXx5vgMQYIQma3HOoP1kC3YvjwOjcYcvUjvfORcak5BAwOlgKcVsaky84V_npOCQpn7jE9jtW77skDjtPGpVyNM-uSqYE9fP-lYmEqEEpcon9J0VYGqKjeGYwLfCLPHYZyjfi5OHrMdwZfsleEUyj0FWhlB_h4JR5O6Gd5gogjTP0sz9W602ivOKMIFT-dBYp8WWe0dntFEk1zyNJmBBYo1yXTIH5LO2XotYqBAm-D9EloH7WI9kN8HRPZkT_lwXv8D4OJt5kKkdVvwrX7o-eH3ykDXzME0&sai=AMfl-YS2ajT_pgiNMzOZQ-2UQTz_4cbjYN_FeMMnuKlPGS_KyyLsJyLslBdKLDmy3_AmKD3IXAGNI8K0EDUta-7sgGqQrnPAic_EH_JdtuF0VEIPwAvHSqjeeEpPBJY762AyfLLhSrRv_Q6bGVglltoLiCDzUv-gzq2KpWfNJweaxZ7zMojO8MjpCh0X3zpkg3NaYW3_EHVCDIfj-_3eykconLWq66vT5CswyJAyi5eB-Y1R_EUk821ZA9H_8x78i8MH&sig=Cg0ArKJSzGAbshV6CA7rEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=456&vt=11&dtpt=241&dett=3&cstd=213&cisv=r20220810.18284&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 126ms
52ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd61bd4258777781efc945039945b34af7e2a16e8977de1b371ed2d99ff1fd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11167
x-xss-protection: 0

GET
H3 200 btn.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 1 KB
1 KB 39ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/btn.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1420
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H2 204 debug
trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/debug?tim=08%3A09%3A08.225&type=info&msg=FPO%20completed%20running&llvl=2&id=7974&cv=20220811-9-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14321

GET
H3 200 bubble.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 11 KB
11 KB 39ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bubble.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11555
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 dieter.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 5 KB
5 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/dieter.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5444
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 08:09:08 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 1 KB
1 KB 40ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCB3 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 07:50:55 GMT
expires: Sat, 12 Aug 2023 07:50:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AE79 783 B
535 B 131ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dec6fc4f026d7f78fe78852981a5552ac5fe13e7165631b3c61901cc5719fc45

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7YxZsG4jgCovEfzUViT5mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7YxZsG4jgCovEfzUViT5mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:08 GMT
expires: Fri, 12 Aug 2022 08:09:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 691 B
718 B 39ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 691
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 826 B
853 B 40ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FCB3 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:42:27 GMT

GET
H3 200 h4.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 967 B
994 B 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 h5.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 621 B
648 B 39ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 621
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame 876D 220 KB
60 KB 122ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Fri, 12 Aug 2022 07:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Aug 2023 07:50:56 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 876D 14 KB
5 KB 191ms
111ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Fri, 12 Aug 2022 07:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Aug 2023 07:50:56 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 876D 94 KB
28 KB 176ms
97ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Fri, 12 Aug 2022 07:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Aug 2023 07:50:56 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 876D 5 KB
2 KB 175ms
96ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Fri, 12 Aug 2022 07:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Aug 2023 07:50:56 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 876D 40 KB
13 KB 173ms
94ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Fri, 12 Aug 2022 07:50:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Aug 2023 07:50:56 GMT

GET
DATA 200
OK truncated
/ Frame 876D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84a8dafb15c24fb406c0967630ab75dcec3bdde1166ef7046cbe58c7de746fcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9352256899095331067
tpc.googlesyndication.com/simgad/ Frame 876D 81 KB
81 KB 37ms
37ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9352256899095331067

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

859703f2554aa6eb084f4f924f5b0c39152056add110aeca4a748c00cc02f81b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 10:10:44 GMT
x-content-type-options: nosniff
age: 165504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82599
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 20:18:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Aug 2023 10:10:44 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 876D 3 KB
3 KB 53ms
52ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:46 GMT
x-content-type-options: nosniff
server: cafe
age: 53362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Fri, 12 Aug 2022 17:19:46 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 876D 344 B
368 B 55ms
54ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:34:18 GMT
x-content-type-options: nosniff
server: cafe
age: 52490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 12 Aug 2022 17:34:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 876D 0
0 49ms
48ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSz4S7H0ewZuoRrkwQtKAguv2aUZQui0bu3Q84vpV7JOr3vHv2qgv6MeEna-BNWHrzblNfUz5CQcF_KnLHpwttqHoRAQA
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 876D 0
0 82ms
81ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8gBtpAr2YsqEEYqy9u8PrvCM8AuqvfSfa9bjj4alEND14P6HMRABIN3Wrh5gleKQgqAHoAHvisj1A8gBA6kCvUXfEqlKsT7gAgCoAwHIAwiqBJoCT9DXis6-gDyo1E-8t-TU70bnCIsGydJN-_rY4uSJqadwl0kHwwVHr_Vkp5_vY1s8QCIIlpmi3T3PTYOC_lv2ldnGttvxZDk57093qX6izQdY-5WZcdAmrNMEfksbCsR6BSSb4AQPWihEY7MNtwhXdL_xMFodyJbtgtgyEPYfGw7VjIQsaZhzBKWl6MrSIPQ9IGjYu8W5Rat32AtovsEx28KZHpRza9kuk9Cx0xHT1WCwgLCQ4hRYFv8lrAmV6lu7ggSAQK53JsB8xqxKxpngWSF--hrON1rXdCzxnobuCcEzSi2nYSN69zt_rc9rQ90cgfQjs3ly45xheVJb-JJECBgjLFgkst8IAI9LLdVCdtrIv7zJwn9Z57IuwATcl7mIjATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH-fS3CqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMn8AtIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi04MDM3NzEzNDk4NjU4MTcxGOGeBw&sigh=MQ-ychpQN_o&uach_m=[UACH]
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AE79 0
0 70ms
69ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080801&jk=1220353504625144&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FCB3 0
9 B 49ms
49ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HgxYoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 h6.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 682 B
709 B 39ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 682
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 hand.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 1 KB
1 KB 39ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/hand.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1491
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 introlog.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 3 KB
3 KB 40ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/introlog.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options: nosniff
age: 122780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3529
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 22:02:48 GMT

GET
H3 200 siegel.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame FBDD 5 KB
5 KB 40ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/siegel.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 12:08:04 GMT
x-content-type-options: nosniff
age: 417664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4943
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:48:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Aug 2023 12:08:04 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 876D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

155ms
77ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

date: Fri, 12 Aug 2022 08:09:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK ingest.php
events.newsroom.bi/ 2 B
844 B 14ms
13ms Ping
application/json 188.40.92.96
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybesqBGDNABFWG1tJ

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6894 0
0 69ms
68ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwUHuIjW2ef1cE0s8t9WfrjCCCb0c0PkilPhp5ot1FqYh0T9uIe5DXdr5KEsFkQfdRpxrXXRCU0qFIH4j_Ki_Rv5IEbrcuplbc77FCZqYjfc37IO3u449wYtbiTqNqiIf3saXZkXImyKTvvFfvWUBXPhMrvMBBAnMSSPMFtfKJEZVsuwI8WINTqlbVPZRq7-W6jQWECGsj3w8GfFXt0V3u400AtEgiiZ5Ks-x02feyzJafWaETJjLWAMfRIOAoXoYFw5lzKlZtVP_C68R1wOu-oJwv4iNMOMNEy6EfOAJjm2qkFiSnDKAykL4-Ul1MjRXTQCgooiVXVFlyy5Q&sai=AMfl-YTie4GyrSvtbCaWXL6yWTBZZIbuQHbVgQMvCMPddH_SgSAbMLpFpH6t7RE_TStPHopsKyqwyHbldRXOS5SR-uZv_xZ4tKzKExREt_0vxd40FNVy-9Lpxg9IG-de3rhHRbA&sig=Cg0ArKJSzE248YuLBPJyEAE&uach_m=[UACH]&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 6894 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 08:00:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6894 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:31:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6894 140 KB
43 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 08:09:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6894 0
0 49ms
49ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9d0ioRuoM_rWfYw68-biYNEHMT_5VDB1cVOD6q5Swh7kY0DqAPKWyG5eT8M4NfqL8e5httXCIqCyPLG8i1RGzFA32Ew
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 4200447821564452857
tpc.googlesyndication.com/simgad/ Frame 6894 220 KB
220 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4200447821564452857

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c810d321570390864adceb44a0fd6af3cfc844c569d49e97618374bb6989a77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:26:24 GMT
x-content-type-options: nosniff
age: 261764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225500
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 21:50:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 07:26:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF1C 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwCf-3dKvtRuRABYkii59J-I2G-18OPU_P1CWosl1JJefpLb_1OJoPjE_47l44al1J6SvBBpG5Hj5xrpA2Q1t9ivON_LJtyagmqfRxKua7F3jZ8lakC2RjVyBRikaQmAxa_e2dRofV3RYC9ZsRVQkzYgP1CIl9PjzAau2nMRns4u8z8Vockup5TBZ909hsPCfQEBeoooHyi475IBdXrVGUhvRv-FT8hChV-fG5Ei3jy0Uc7b0aI0Bk-09Cv98b9xVDljzzZKAnEeG_Bwjhj72WYxuE3FVRkeLPOF7LkDNzZdP_QVWA6x1tIlltkN6N2AA9XWiCENAtIUlzsw0bkUcxpSUkDDPCtBiUcmlyPrYv1TKbhxArlczzFRAZMAtjMbGL9bqiYEtECMkIR35fGLQzk8OJd6f8fRXDSnIGETL6zLWW6ciSg7gplX2YAk-GTWsBReSYXF6HNoF5rpz2eWg7cUtdBV-XSqNV0KPNzbMNCWl1VGUHhdltvGSqLxpNmPDPoXRsT1wXuNMQx4SrUbSrXv9KoXc7xAUz6fhqmcf1-anXxbzLIh3EteJDNjQgw4CIucESF3G1LkCpH4RGE-3WsMTB2fIoz5__lYpIltZ2lNCt6mfWyWcEVSea_24B9JrlK2tIqAbRXX2eRy3BdzWjTHAKcTnl2XxufNeJ6gvf3y2Ae92bxOH4NhH03F1pST4VII8WYJkrh_PxFrxFUUHEAP8hRVKWNEw-dEewHc-RWTf_EBfU-Ky9jJzHU6ttJ5diboCf-c6u8Iy_9pMCo7nSl_NY0AwG7eFbIQBowiLhW4IaDBerynLiX3_pTi99XUt9zSzH_92rInO04DBPH2HEl0T7K1CDwNuPHnbCnOaE5BpMdrHDuIhbVds9pMnICLLL8dG0m1Nb98KbHwn67Nwoio-Ll9orTJ6SHT2fULlNKNgBfNs-4ouDda2I5PJFVPuQAQBmqYvTPe3SHaYWrmMOm4Yo0hFn9SF-nKSyKwhWcuBqxGA7bSe6ctQ__RcAtR14wKTCZI0_Sbd-QYcr1KbiNroXoPcHxkOSAH9-K6kioSASFe71dG0fWgOPLPvBEnlOclP2y7sb2ILuygyGvhleHebvXrgaBFNYzDydQps0ndczCsoC21moq4jehc_FHEsg6I6jHsZ_JtRukihTi5d9m0Fb8h9s8nvq1gkT5RIyeeKe4MA1_SLrpmqW9j1gOwmfEUFrj4TfZioal9M6RRzpWtNF7OqAZxuxPjq579Bskh1UOn5cNbmhs2SLrZkRQz2H1W80RIbZymLgvRqPpqYY5thCJACBKlzIpCAI4OWCH8b1AVUnLdcZkE1zcgIs6lc3h8OfV728iE4lu04J-Ds9CbTbZJI&sai=AMfl-YTtp46ALxm1jmRm2bCkQK84sETBAG6gELZAbnKGYYDJb127aARjtiTuziy2nvHZmiw6CXLOKaLfBR4fRfOnv83Oj_tHAP9e3U4sO_hP9tvjGVqrw-AfgnRwtqA&sig=Cg0ArKJSzIKrw_rHwlglEAE&cid=CAQSLgCsnQUxDwGQ4Vn2yFBd7XNIrLHG98PZlKEx5qE00EZopdMXvOpgYRV8F5RsRZI&id=lidar2&mcvt=1002&p=1095,436,1185,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=614391757&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660291747350&rpt=512&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6894 0
0 134ms
68ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1iDvqRSYdWvJHLeYySBOqUz1NgSSUuLSz-6jCNko-nFxHxvqgg7yzuyFzOUx_7I5HNWTLJgGpUaDRhmDlMSExnnV_7i5T-la8S8ezdSm7WA0M_GCUXebBw4Y5YVVhjeL6xFnF-EbIbhmncZAs3VOtC5qM1i-QwMPARU2zaBibTSRTBTRvfnVvg3VWA7EPy1BBxvjgIYYQryoR4PO1CdrxvC3TDb0bmzRKz6bcQOJ9gOvOCYcmNaSRvFJl7j1BzQZmwVGrRYU2tSXEKgeoXobmYO7vjOxfk_CaSb2kX9Qcm6lR_G-BmOVuwBREMxdOUw1jX_0L4VthRMrl0x4YUw&sai=AMfl-YQyoFBylGsWO4tOCt4JY-nwfJTrh6ONtqJsIKysh_QrOXVp4ezDlmIOzvR0VjzctYW9u1yq124xS0jbDR7uCzJB9JiChmUKsLPYjHs-wuq4ZwV1uwe5KOHvP3QqHidzg3c&sig=Cg0ArKJSzMAfFJllZAMJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Aug 2022 08:09:08 GMT

GET
DATA 200
OK truncated
/ Frame 6894 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e49905baad9b8088eeb92ffaf80b8b6a97e31a117391689fd47b09f3a682abf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC3F 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:07 GMT
expires: Sat, 12 Aug 2023 08:09:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080801&jk=1220353504625144&bg=!BAelB0PNAAa4hXTbmIU7ACkAdvg8Whiekxxx1KdyTzo-M2UsfoIBr536IwsetGyEDErUl1NA56UGfgIAAABeUgAAAAJoAQcKAEhwhAR_FmKoGH7ckz3Xjo_yxdcCfcLRFg2r1jiGJMJQ8wjK2WIYWnX3rcRlOb4M1gBsBHfU6nmd4sdXoFi6C3SEn5AAVCufkQ-ZAvyfMGgUfI6ILn7tc6lRfc1QobPmjCpubYkKNHGRcC04EDrFd1AYzuLFQlv_nR-FNpvRnUOMqCTd69aFY5MpaaTKDZRuqWATHY6L5gbM0OneUCjIVl_PuQAfW-gBqTuJXJLRnaqPhD9DPEEb87PuFLjaQxj1s-rPna5yz5kKnwzGZMebFMUNnHOOalnOCQK7aPnj1Tc7Eeymdznrz8neCtuYwR8SwOsviWade5PKptX8bjOjY1yGfDzbt1HHy3DbV5rTJQJTWYkO2KB_0od-c6XiMWVjec3FLHLDzytkfU_93InLF2aFkf9x1z--NWGRoXq3SWTix75k12bckSiCPfo45lnOUs3P67qcW-800uEd1Rdk7u1qwaDv1Xh7L382Ah3nLKeXRl706rW1RBWx9lJd6pb0TuFlQeo7r4iiFBOEumzsI6IUrnknCVEyC_O2vyPtpcdChaBM_40nWQru2sCj3-GFxZ60j4bdzlguvsI2Mfs0hwiGBgsqX448ATVXd2OWq9EE5drJZxrDINZbMRx2dc3nir0ChSrcpONoSPIKk55C2lGsNYWEP4ARcvOudKOBEAIZCU4Wcdi03Uz_TfsgT2NanZv3p9EiU8O3hHHvZm7JvIVuoJuu6VYbtaqwcP7ePdob5CIqJVLevxE6_ekRiKkIoRP4FBeQm4CjHncyd7TONE1gRpSN5Fo8I_OBFcr7mHQlyL9S97a-_2dPKu3mfTGaf2yGYBHsoJdWM7EP92aKQUWU0ehVYePRnFrRE-mOCmBjnSqjVWs_msZ6v-eU4tay1A0qbA-vUKWia9lpEaVBVz3KGHxErfn7fYmdiZP5RbZScwUxiPTI81dqljPLUnGxjiqT3clS1BSNskQnCr1UKW2wA5_MPrpXd0UUzOY3NGpmlDImMnky60PusjhP13jaHt2jDftC_3xMz8Sjsjx6w4JJ8-u8hO_vH0ZOogESrHPwY2DCEnRfVDZhB1qZ-y2SYffyQGDmuJPHPPP7EyijV_mxk3sPFHs_Wg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4674 640 B
318 B 51ms
51ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYjZbq0AEwAQ&v=APEucNXwQrbl3ktgneK0sSlTiMhXKz_S8-lIbPRG5uQEMKTKm3GwLyN7OcaTsRCTL30sDoCripEFpKn61NEOfQl_9ahsTTY66oqGljHPzL0mJLA997oyZvotLYHkwt2wVsBpifxOQYq7ZNucpUSEJXhYtTnmn0iO8ifYR4fStjbGS05jGe0BHZ4

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:09 GMT
expires: Fri, 12 Aug 2022 08:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AC3F 82 KB
34 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApzskJuT3xzdRJmbBakUHTo_8ZMJN-RHaI2GnRSo1i7ll1KeC6HNONuWiqpi7_I6fDjYwejKzny3_KHjbQah2Ag0RhHg&cry=1&dbm_d=AKAmf-AFwf3AOHI1LL--8wZJ1bz1flE8uvJe6wFoCcsD3BTJP4qamQwy7j-u99HACd7vgdZIgEPG-_0jd9-q5sujl0QR1Xi8k6hirFhbDHWilSOSS9hhNoWXa7nK-kuVvKFgWGiv6zgAfBWA5KborhZ578_uld4cdhK24-Ei7xzbsmOsdbWV1nbjbRpzRvlXHUd-1hVt_XHSmVYbdg9S7L-k69Ewj65KvQjiFi9-YKtMz-uBCJ5equdSZYfHRDpAUw_MmmbgR9VsdDasKGdr7qL8IIdsVkYURBaWin_kpJ1-n_tAZlGRoYLoZWIiLZ2kRlkckg8chMIQYUqu3st2MxkNNn8XsNV-cpYkFCh3k9mYcctHfQgyjqr1W9owh5gBV9sz_VfiVQ3dffk-r_orJfm6zkCYOSIV2nmnARZZ5Z4XveGgQSkuJVV-RpAtKCLzmyKYO1vkgfEdlbH5a2MDouj-jgYsNkSPeogCnCRFKGwz2_wz6q5zWyElVrJLQEcXV8cNyM4QdPr5ex8wz8zkRUBgWddqZJ30BcZnA19oeAz4madzULEbNtI5kRL8EB6aLfey8_bs7f-V5T7y8UbjXuHKo-J_boAqwFpcdueJcpfccL-4RpeA97VuSoVpzJ6ogjMbqNbP0yIyrEfnVzQcnkTwRV0pX4DmIBY0thgUqMdamu1VYghWkw0I1Hi-Y2gEQ20-pQC0zWtbTkczfcQGUQBLKf2y9rV73EhNMD5xC8lE-X2zgwZ6dpxNYSmlBbgisjCalCF_KMPJ0jkwkj55_bBqOu2Hp7HFVqBS3FeBVjAEdmwg19mLv_CCWZxBwDdE0XLPoNUHZEAJcUxLr9NK3JV_2Hoh_-SuF8L2eMybzY43ii3lRrW85NK-2tKtj-WiO8jZIikxw-3y6bRGVY_7PfcLotj32pRlg8wCGPTRLfVxVtQvMtPsA9reTeRFljCHlyavXNHigulDyfPn5Ns7XuXiQqFXlPAhJhC9QUFgHycyEIKvhitfFnj2w2TKSiFyvasfV8bgCINo8ZDdLxZnUKY9xhpmkUaP_SnNqatP_h8Dq8he5u5rD07CPNIRpslZDQ1lMIfJgw0MCtn4ItkDr-Q3mfh8x-ww5I8nq-6lMMqEt7LiOH3N7tBgCPMurs4ZoseMS4YrWKu8QCop7-qfm5s3FPb5nt3WQNqsKsAPCo2P-BTzIrp-Hjl0O7lrpC4wy-CHC6ZVeKSUA-gnXmrmWC9LJCDhuAflaSOkDUGE4zv317lYmxHbekKXQfNdcd3BJnvCGVIz57tVgdCW1nhF8WlCC39m9Wqr-k22YXuN9kbvHd8o7P0mRnKl2zpL4i1OlM2VcdhkD16jpaP2LyAWuld5Cabb3igKtH4PZRVNfwRxZAYenOfuGR1GI8MCefu6dQK0IDe2tcrRP6tPm1JF0GFLveMqKaQo5h4IaqFHJQgrfeR8R825OWUv_k1t-HmeHJTRcVDUpPbdNpDQc-46uuK8LGJ2u02lpeqdeoEQkpy7GtO4EkcE4i1rmSwG_uSIjL66ykn_tKJotufsuaD2aSxLku6OfeDLshXAa2fbsZ8ij5_aGzw7mWKXRPpYBFD3t7fVMNs9LObSzbideyYS6ZVZjULP8eU_jxGiAug6r3GhNRCk3loUv5EVyOS3k-Z9rCrBL17YgzvRT_3sbd2SR8AiS2JxioeyfNYPx0fzAorAcyQuY0d3Ujp1I0FGraryO1cqAuzySd8nRZHKjelFvdjI8eyQduS5O_gtfknmZYlBoYF1JmfFtpthSjeBXunPqwAE6nGLJlPzN64a1FQiHznXqECcUmqH89wU2ujPcnxMc_8E9hGOjW_662Uq2G6HMQ0OomuUrIsUI1sYTuZv4dtVzY7F--jCSRT1fsKCQABex_ApnPvZglr9R7CI--gLoCaxUVVEqy4WahO8i48_A0TpTQzDFSf3yGyReU7lHRgSGzasUr6TE2AOdj_1sz5oUwSDuwu8tBlvVB4n_yDhFVPg4V5MshGmKhNoqXHhMC-RMEyv74jCYZ7dCiUDf99wLmKnazvYBADdX3HWr_TKt2hwIemgDghZGKWTqID6lSwxuxmkjY1jhKtSJW9Rj55Ksm0x7qmDB6n-mCprOfwJDmgn-7lt-IN-JQmY42SYrdjxsagxsbQ9E2wniyezdytP3-wxw0o4UH2AF5cBJWaQn0OWJQ9eEXk1d7hEGNMNVz1-frVn_Y2Jx-SHhj0-X90He4iWdAowSWNGQroJ1e5fl9xoHCZaZNk5AURCExXN3VtAoGga_tp0dlT-UGvyjeJgYvQDqph4ytu-jjEuahtnjGNhJ7uXqc7xUutSNIHygypnoCGXLfA-2fg9bEKYbIWggfYzD6kufzkz5iIfHDclpH-PhlsT_O_dIMcwyg08Wn6tzBPqgDDi5RBGp-u2RmHxdhb_RrC-RbkhV9IkFIIkMGiFmp3HvoTW4gy-EuxCnWfgh2elqI4fyqN5qAmjaiKfzYqztSN6p89ri7Pm9Tsn8FZOhbUZTV2hHZLNknR2KEeNKpWQRUO3tZD7l8DYqMxYNXk00f1ianRvKIQr6z7HUzl2GH42QbBKcDPHsgYjAWPBGUcSsbXuEFDIebS2-MjScu3g-KZiZjlbgCeACQY-kQYpalcKGbnRySRF_0d-reDxxRoUGu9TdRZpGQhFarCEvcB_mFA9t20Kd1pRq5-OOws7sjaXQCCaAsldGlxPiL_UXCu2oAP2hHPE_6yYyqMSnBOt1kAhWh62kQZDVzhTCSWJnMjaXkCgbuGYijmkcsa2Trv2rUEklDU2ubdATVG3CGbtq_KENYNJsnnBJQtK0nVty145M-QRPiMQ7ud52Py3dWbOlqKpYmqRyGdR-sRKkp7ESkfxFdC8cTtzyipZEmIf_azGtonuGcqhsJCPE29vu5KiGSfWdUO-jrrVHGFWrolTjx7uEafpTCDskSuTeOxkHsgAa8qOBxj_dzBXh0BpHZjEDGaREHynvjiLCP_d5SR1cA6c-r-YTrmUiSYdlQZ_S5u5o0fdaO51Lz2KLn52r2fwfTz8KKtwjiFvZRKVP81GB1kyzW_1dcrIKFnaYOzqfc8SwdCFpraD2KyiVTsVL7R6H8ywGWRvGK5A72Va4pTaWCS9UTg5ERP2-zPiVtWfkCJrKAPYtz5-9IHtVjNXnAbZao5MTC9I994n9sId6-jjB6657JqZ7jcLD1AbKBZWlhCGXygoQNhJfx6ad-3IS9JCZfvDoHsfRW6hkQE5cIqanaKP3BtGJEI30LIYWn2S58RFU_Qn-njIb2TteQMWLAyP2lJasf3qDc2zoyeCs5FDKFEy_E-3UGaS6eTWhipFfiJtTlPap_CjNUq4rkZ3Ny1PPoUIh7zn6Zs4vf8BJsHamV6FJhN1zimeqx5ogxnT-UbTm9Mcg57vP_XD97xzkGV3iUkMQJ5OZ60C2CsWCPSUgYl87GqmlmlqA6KsYS9XlESXKEF9-mJGH2DYe5-2sBVMWxSjDzTRu6pCH5Y94Ld_DUouM_A5bJvJZpBcAbeqGXwBQXdaUDjtAHdg5Cbn_sKEU0GC6it8jid2Zw2wXp-a-UYODDkzEBk8tXQ_9BWXgTnRxVQ0D5IkAklW47X4Askgc7W4Vj5Ze1wNiuoZJTSGmhLLXadKr5ZO6eatUgOQngyGfIkwgEu1UsionNy08G9KXb4rWzLewO5b-F761bEFZUz4YstQa_Aa_AyCUKbUBs7MGtizKbwNWcyZb7P6giI2tyfoBtsxNwYU4E9H3car7du-m5EU7fdQjYngcA99HmUBYgbGZXY85WQim8ccU_GaxCGKmyAcsztbycFq30CxWw7ZUg6Bfk0HQ00UTRLaRD49mfhjccL6GTG1iJlnsAQDBIFF871yvUOfazLDMhHuHmAf6hltDIFUJ-V2HrRiKNZ3l0Xc5jdfSXOMF2PAAn01AIJ3H8H55Rxyi32S3ywJxFMn_Y9Hw8D1XxGoR73EJE-aG-H-ZYgezmMnm9gINOHc3BZvHP8ISUBDZGB_wOyv3iqS5rRLFyRvqcrsVw9sa6MFeAERylMQuuoknaIJyCOhvTnTHkhehphD0mUe1a50zeSlszq3-WU8W5BpgMTehWBh0nTw0gVA-If0MQOhUN7Aneik9Zu9IftcaE1qIzW6ks-1R-kb-hKUBRdmUxvSMU26AFl1oQDB7vvd6C5Yw4HJrEki_rz7exA6g5nWR0nUYoTM4ypZlFe0LXYHlwl56wBWpxI_jmkY46fVPzscGc8-dWnpp-txqUIt4OQ0rzucbFomaPsUEPmOaQZXlWM-2VM5bMvxpKrXXJTMaANGX7ajxa0GFHXPgzHTlhP39NuBTc2ZzVdb6kPt0sBGV_D2FXLKMWsIENjknPN1wcPJBxW2BxLonu2Mm4mYDzEsighArf6AM14I7wFGgu22181ceUh2naEevlCDIYNb9-6djjNkcW2sVX7sGYlnG9Lb91XMeo6YitIYpxnpg8HdlX6GrQDh0B8zlsnkKrtT5rGPHxS957rLSDW3lDPSQizozMAavzP8dsFGn0aKpVhzOCzOXafdJIfttcBOMTCa6K9B8D6ssubtSihQpMg1aFfHPcBOByGpM_69pmtLEgt28F9_TqD71jPVJMwLWfOMkMebnnVsUHgln5uoOF2dW3UgedmiIrSzlDnV&cid=CAASJ-Ro6eN0PQqPRRltwdCW8opFU8ZaCJRB1LNwDDqplQ36oRL67fdhow&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstwLmBydVa3vOrwd6ghA18lkk4NTqiAAbxRW77uWOWGKUFgk2FMr8Zq9pULbUtPs5Ie08GbiKi-VEUHCfMYpABzBiag_9bFD2EjWAe40w5pB9i-SHoA5-YHt93MKkv9P9DdHRbkgn-HjH2AI0t9KX8GINrgICgTqpzV3y7_ASlmLz7bhkoWoCxi5i1AP-yYzBuY6pf9f6RPwZCAWguoI1L-PdQliJrCtkgDc5N_zVEKOHmFcs9SMY0nsY2zZ9N_akgPIcKZCqu_XpFmcWTevrQODnNm91fvK-BEQwYeNab7ctNMxrtfZX4Hto8fwQBj7-Rgrz2--Hngi6iKa-cUjRE%26sai%3DAMfl-YQsGOBrfi4lnjx3-URf6ODwv0KW9G0BG93lX7ngqDMBu96a7LQY3-ij4dUD3rxitNn61vOZK2lHr1OmQMNMW3IagZXgibzV1tZHA_CR4B-reOBpBHOl7pwY1Z4zR91aoA%26sig%3DCg0ArKJSzKVtfdlFLPsSEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4adc9d0c1a29b72e0aab4f59758387f6967c02f5e9d1e0f936eab75441612c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34939
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC3F 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQHqpxfIj21U2UWVz773e1Yls6NPw6-9_KvZnlT_fp_lD1OegJzWBlaIzSrr3d7TS66sOb4m9vyc_ubai3mAnziEua-RCrISi3xNNFkOwpiobbuRc

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame AC3F 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:31:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC3F 140 KB
43 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 08:09:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame AC3F 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 08:01:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AC3F 0
0 48ms
47ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZg3XwRxCYY3k9UQ3p12EcQ8ycPmYCZZthTyM-g3IUtbZB_iyyIpmgd4RzQybanQO5dBn4RVsLuhEdce7JqFC2mFfVRw
Requested by: Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

POST
H/1.1 200
OK ingest.php
events.newsroom.bi/ 2 B
844 B 14ms
14ms Ping
application/json 188.40.92.96
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWDAxSYNx2qcCaTgL

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4674
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJWlz27c-UfDmRjMcAjLK0&google_cver=1

43 B
114 B

71ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJWlz27c-UfDmRjMcAjLK0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYjZbq0AEwAQ&v=APEucNXwQrbl3ktgneK0sSlTiMhXKz_S8-lIbPRG5uQEMKTKm3GwLyN7OcaTsRCTL30sDoCripEFpKn61NEOfQl_9ahsTTY66oqGljHPzL0mJLA997oyZvotLYHkwt2wVsBpifxOQYq7ZNucpUSEJXhYtTnmn0iO8ifYR4fStjbGS05jGe0BHZ4
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPJWlz27c-UfDmRjMcAjLK0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4674 43 B
304 B 125ms
51ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYjZbq0AEwAQ&v=APEucNXwQrbl3ktgneK0sSlTiMhXKz_S8-lIbPRG5uQEMKTKm3GwLyN7OcaTsRCTL30sDoCripEFpKn61NEOfQl_9ahsTTY66oqGljHPzL0mJLA997oyZvotLYHkwt2wVsBpifxOQYq7ZNucpUSEJXhYtTnmn0iO8ifYR4fStjbGS05jGe0BHZ4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 4674
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEHpaDqYKl232NIjmr5RnXJQ&google_cver=1

23 B
172 B

37ms
33ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEHpaDqYKl232NIjmr5RnXJQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYjZbq0AEwAQ&v=APEucNXwQrbl3ktgneK0sSlTiMhXKz_S8-lIbPRG5uQEMKTKm3GwLyN7OcaTsRCTL30sDoCripEFpKn61NEOfQl_9ahsTTY66oqGljHPzL0mJLA997oyZvotLYHkwt2wVsBpifxOQYq7ZNucpUSEJXhYtTnmn0iO8ifYR4fStjbGS05jGe0BHZ4
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 12 Aug 2022 08:09:09 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEHpaDqYKl232NIjmr5RnXJQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 4674 23 B
172 B 89ms
33ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYjZbq0AEwAQ&v=APEucNXwQrbl3ktgneK0sSlTiMhXKz_S8-lIbPRG5uQEMKTKm3GwLyN7OcaTsRCTL30sDoCripEFpKn61NEOfQl_9ahsTTY66oqGljHPzL0mJLA997oyZvotLYHkwt2wVsBpifxOQYq7ZNucpUSEJXhYtTnmn0iO8ifYR4fStjbGS05jGe0BHZ4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 12 Aug 2022 08:09:09 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 79ms
32ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Aug 2022 08:09:09 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame AC3F 106 KB
37 KB 129ms
45ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Origin: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame AC3F 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApzskJuT3xzdRJmbBakUHTo_8ZMJN-RHaI2GnRSo1i7ll1KeC6HNONuWiqpi7_I6fDjYwejKzny3_KHjbQah2Ag0RhHg&cry=1&dbm_d=AKAmf-AFwf3AOHI1LL--8wZJ1bz1flE8uvJe6wFoCcsD3BTJP4qamQwy7j-u99HACd7vgdZIgEPG-_0jd9-q5sujl0QR1Xi8k6hirFhbDHWilSOSS9hhNoWXa7nK-kuVvKFgWGiv6zgAfBWA5KborhZ578_uld4cdhK24-Ei7xzbsmOsdbWV1nbjbRpzRvlXHUd-1hVt_XHSmVYbdg9S7L-k69Ewj65KvQjiFi9-YKtMz-uBCJ5equdSZYfHRDpAUw_MmmbgR9VsdDasKGdr7qL8IIdsVkYURBaWin_kpJ1-n_tAZlGRoYLoZWIiLZ2kRlkckg8chMIQYUqu3st2MxkNNn8XsNV-cpYkFCh3k9mYcctHfQgyjqr1W9owh5gBV9sz_VfiVQ3dffk-r_orJfm6zkCYOSIV2nmnARZZ5Z4XveGgQSkuJVV-RpAtKCLzmyKYO1vkgfEdlbH5a2MDouj-jgYsNkSPeogCnCRFKGwz2_wz6q5zWyElVrJLQEcXV8cNyM4QdPr5ex8wz8zkRUBgWddqZJ30BcZnA19oeAz4madzULEbNtI5kRL8EB6aLfey8_bs7f-V5T7y8UbjXuHKo-J_boAqwFpcdueJcpfccL-4RpeA97VuSoVpzJ6ogjMbqNbP0yIyrEfnVzQcnkTwRV0pX4DmIBY0thgUqMdamu1VYghWkw0I1Hi-Y2gEQ20-pQC0zWtbTkczfcQGUQBLKf2y9rV73EhNMD5xC8lE-X2zgwZ6dpxNYSmlBbgisjCalCF_KMPJ0jkwkj55_bBqOu2Hp7HFVqBS3FeBVjAEdmwg19mLv_CCWZxBwDdE0XLPoNUHZEAJcUxLr9NK3JV_2Hoh_-SuF8L2eMybzY43ii3lRrW85NK-2tKtj-WiO8jZIikxw-3y6bRGVY_7PfcLotj32pRlg8wCGPTRLfVxVtQvMtPsA9reTeRFljCHlyavXNHigulDyfPn5Ns7XuXiQqFXlPAhJhC9QUFgHycyEIKvhitfFnj2w2TKSiFyvasfV8bgCINo8ZDdLxZnUKY9xhpmkUaP_SnNqatP_h8Dq8he5u5rD07CPNIRpslZDQ1lMIfJgw0MCtn4ItkDr-Q3mfh8x-ww5I8nq-6lMMqEt7LiOH3N7tBgCPMurs4ZoseMS4YrWKu8QCop7-qfm5s3FPb5nt3WQNqsKsAPCo2P-BTzIrp-Hjl0O7lrpC4wy-CHC6ZVeKSUA-gnXmrmWC9LJCDhuAflaSOkDUGE4zv317lYmxHbekKXQfNdcd3BJnvCGVIz57tVgdCW1nhF8WlCC39m9Wqr-k22YXuN9kbvHd8o7P0mRnKl2zpL4i1OlM2VcdhkD16jpaP2LyAWuld5Cabb3igKtH4PZRVNfwRxZAYenOfuGR1GI8MCefu6dQK0IDe2tcrRP6tPm1JF0GFLveMqKaQo5h4IaqFHJQgrfeR8R825OWUv_k1t-HmeHJTRcVDUpPbdNpDQc-46uuK8LGJ2u02lpeqdeoEQkpy7GtO4EkcE4i1rmSwG_uSIjL66ykn_tKJotufsuaD2aSxLku6OfeDLshXAa2fbsZ8ij5_aGzw7mWKXRPpYBFD3t7fVMNs9LObSzbideyYS6ZVZjULP8eU_jxGiAug6r3GhNRCk3loUv5EVyOS3k-Z9rCrBL17YgzvRT_3sbd2SR8AiS2JxioeyfNYPx0fzAorAcyQuY0d3Ujp1I0FGraryO1cqAuzySd8nRZHKjelFvdjI8eyQduS5O_gtfknmZYlBoYF1JmfFtpthSjeBXunPqwAE6nGLJlPzN64a1FQiHznXqECcUmqH89wU2ujPcnxMc_8E9hGOjW_662Uq2G6HMQ0OomuUrIsUI1sYTuZv4dtVzY7F--jCSRT1fsKCQABex_ApnPvZglr9R7CI--gLoCaxUVVEqy4WahO8i48_A0TpTQzDFSf3yGyReU7lHRgSGzasUr6TE2AOdj_1sz5oUwSDuwu8tBlvVB4n_yDhFVPg4V5MshGmKhNoqXHhMC-RMEyv74jCYZ7dCiUDf99wLmKnazvYBADdX3HWr_TKt2hwIemgDghZGKWTqID6lSwxuxmkjY1jhKtSJW9Rj55Ksm0x7qmDB6n-mCprOfwJDmgn-7lt-IN-JQmY42SYrdjxsagxsbQ9E2wniyezdytP3-wxw0o4UH2AF5cBJWaQn0OWJQ9eEXk1d7hEGNMNVz1-frVn_Y2Jx-SHhj0-X90He4iWdAowSWNGQroJ1e5fl9xoHCZaZNk5AURCExXN3VtAoGga_tp0dlT-UGvyjeJgYvQDqph4ytu-jjEuahtnjGNhJ7uXqc7xUutSNIHygypnoCGXLfA-2fg9bEKYbIWggfYzD6kufzkz5iIfHDclpH-PhlsT_O_dIMcwyg08Wn6tzBPqgDDi5RBGp-u2RmHxdhb_RrC-RbkhV9IkFIIkMGiFmp3HvoTW4gy-EuxCnWfgh2elqI4fyqN5qAmjaiKfzYqztSN6p89ri7Pm9Tsn8FZOhbUZTV2hHZLNknR2KEeNKpWQRUO3tZD7l8DYqMxYNXk00f1ianRvKIQr6z7HUzl2GH42QbBKcDPHsgYjAWPBGUcSsbXuEFDIebS2-MjScu3g-KZiZjlbgCeACQY-kQYpalcKGbnRySRF_0d-reDxxRoUGu9TdRZpGQhFarCEvcB_mFA9t20Kd1pRq5-OOws7sjaXQCCaAsldGlxPiL_UXCu2oAP2hHPE_6yYyqMSnBOt1kAhWh62kQZDVzhTCSWJnMjaXkCgbuGYijmkcsa2Trv2rUEklDU2ubdATVG3CGbtq_KENYNJsnnBJQtK0nVty145M-QRPiMQ7ud52Py3dWbOlqKpYmqRyGdR-sRKkp7ESkfxFdC8cTtzyipZEmIf_azGtonuGcqhsJCPE29vu5KiGSfWdUO-jrrVHGFWrolTjx7uEafpTCDskSuTeOxkHsgAa8qOBxj_dzBXh0BpHZjEDGaREHynvjiLCP_d5SR1cA6c-r-YTrmUiSYdlQZ_S5u5o0fdaO51Lz2KLn52r2fwfTz8KKtwjiFvZRKVP81GB1kyzW_1dcrIKFnaYOzqfc8SwdCFpraD2KyiVTsVL7R6H8ywGWRvGK5A72Va4pTaWCS9UTg5ERP2-zPiVtWfkCJrKAPYtz5-9IHtVjNXnAbZao5MTC9I994n9sId6-jjB6657JqZ7jcLD1AbKBZWlhCGXygoQNhJfx6ad-3IS9JCZfvDoHsfRW6hkQE5cIqanaKP3BtGJEI30LIYWn2S58RFU_Qn-njIb2TteQMWLAyP2lJasf3qDc2zoyeCs5FDKFEy_E-3UGaS6eTWhipFfiJtTlPap_CjNUq4rkZ3Ny1PPoUIh7zn6Zs4vf8BJsHamV6FJhN1zimeqx5ogxnT-UbTm9Mcg57vP_XD97xzkGV3iUkMQJ5OZ60C2CsWCPSUgYl87GqmlmlqA6KsYS9XlESXKEF9-mJGH2DYe5-2sBVMWxSjDzTRu6pCH5Y94Ld_DUouM_A5bJvJZpBcAbeqGXwBQXdaUDjtAHdg5Cbn_sKEU0GC6it8jid2Zw2wXp-a-UYODDkzEBk8tXQ_9BWXgTnRxVQ0D5IkAklW47X4Askgc7W4Vj5Ze1wNiuoZJTSGmhLLXadKr5ZO6eatUgOQngyGfIkwgEu1UsionNy08G9KXb4rWzLewO5b-F761bEFZUz4YstQa_Aa_AyCUKbUBs7MGtizKbwNWcyZb7P6giI2tyfoBtsxNwYU4E9H3car7du-m5EU7fdQjYngcA99HmUBYgbGZXY85WQim8ccU_GaxCGKmyAcsztbycFq30CxWw7ZUg6Bfk0HQ00UTRLaRD49mfhjccL6GTG1iJlnsAQDBIFF871yvUOfazLDMhHuHmAf6hltDIFUJ-V2HrRiKNZ3l0Xc5jdfSXOMF2PAAn01AIJ3H8H55Rxyi32S3ywJxFMn_Y9Hw8D1XxGoR73EJE-aG-H-ZYgezmMnm9gINOHc3BZvHP8ISUBDZGB_wOyv3iqS5rRLFyRvqcrsVw9sa6MFeAERylMQuuoknaIJyCOhvTnTHkhehphD0mUe1a50zeSlszq3-WU8W5BpgMTehWBh0nTw0gVA-If0MQOhUN7Aneik9Zu9IftcaE1qIzW6ks-1R-kb-hKUBRdmUxvSMU26AFl1oQDB7vvd6C5Yw4HJrEki_rz7exA6g5nWR0nUYoTM4ypZlFe0LXYHlwl56wBWpxI_jmkY46fVPzscGc8-dWnpp-txqUIt4OQ0rzucbFomaPsUEPmOaQZXlWM-2VM5bMvxpKrXXJTMaANGX7ajxa0GFHXPgzHTlhP39NuBTc2ZzVdb6kPt0sBGV_D2FXLKMWsIENjknPN1wcPJBxW2BxLonu2Mm4mYDzEsighArf6AM14I7wFGgu22181ceUh2naEevlCDIYNb9-6djjNkcW2sVX7sGYlnG9Lb91XMeo6YitIYpxnpg8HdlX6GrQDh0B8zlsnkKrtT5rGPHxS957rLSDW3lDPSQizozMAavzP8dsFGn0aKpVhzOCzOXafdJIfttcBOMTCa6K9B8D6ssubtSihQpMg1aFfHPcBOByGpM_69pmtLEgt28F9_TqD71jPVJMwLWfOMkMebnnVsUHgln5uoOF2dW3UgedmiIrSzlDnV&cid=CAASJ-Ro6eN0PQqPRRltwdCW8opFU8ZaCJRB1LNwDDqplQ36oRL67fdhow&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstwLmBydVa3vOrwd6ghA18lkk4NTqiAAbxRW77uWOWGKUFgk2FMr8Zq9pULbUtPs5Ie08GbiKi-VEUHCfMYpABzBiag_9bFD2EjWAe40w5pB9i-SHoA5-YHt93MKkv9P9DdHRbkgn-HjH2AI0t9KX8GINrgICgTqpzV3y7_ASlmLz7bhkoWoCxi5i1AP-yYzBuY6pf9f6RPwZCAWguoI1L-PdQliJrCtkgDc5N_zVEKOHmFcs9SMY0nsY2zZ9N_akgPIcKZCqu_XpFmcWTevrQODnNm91fvK-BEQwYeNab7ctNMxrtfZX4Hto8fwQBj7-Rgrz2--Hngi6iKa-cUjRE%26sai%3DAMfl-YQsGOBrfi4lnjx3-URf6ODwv0KW9G0BG93lX7ngqDMBu96a7LQY3-ij4dUD3rxitNn61vOZK2lHr1OmQMNMW3IagZXgibzV1tZHA_CR4B-reOBpBHOl7pwY1Z4zR91aoA%26sig%3DCg0ArKJSzKVtfdlFLPsSEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:48:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame AC3F 30 KB
12 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:43:39 GMT

GET
H3 200 container.html Show response
90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8DFA 6 KB
3 KB 42ms
42ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:07 GMT
expires: Sat, 12 Aug 2023 08:09:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6AB8 15 KB
6 KB 53ms
18ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=diariodonordeste.verdesmares.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:08 GMT
server-processing-duration-in-ticks: 3386
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 64ms
32ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Aug 2022 08:09:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AC3F 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 07:50:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC3F 0
0 75ms
74ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuktj_IxQrPG8mnw87nzGKU9wWEK3scEk92l8sV3ihLfD8ngsavvOXJJxdsSSZTZl_dpgZtC2DRkhHm45T1jqb704JxtMrGwoQBvxxg0-CeGbeWdxooGx5Zqu__uDplo6LtDz2oxUA7BmxV4orT7m7gh0NYfw71IKyr5zJqi6H4GxRLuSaLt0pduzwD3MxUxUKdbDAquM0g3qeh9nS5Xrp5mcLuOmXxb2RmTJ6onN7XFebAwT2IkddljgTY3MuDPyncKJ1gnhkIsGiQIzO8MD5zcYNB1uMgn4j3K1yd67LRKMWCEeRYOQ23fKoxQddavt2tqc_g8_3ZjT3rPMs4px85XiAO9Q&sai=AMfl-YTg-T1noS0lQzvCVrQ66inW7dDbFey4Ms_Dos1uu9_8dZ411ALc_ld1S3L_zSCot9Q0WZBYmhVd40dZDPVbbN2BYl_rh56EVh1UdoHXlYBGFpCa806h6Rgyu_rMOqOKyA&sig=Cg0ArKJSzJrYpcnn7caWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Aug 2022 08:09:09 GMT

GET
DATA 200
OK truncated
/ Frame AC3F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75d5bb9744232281a18bb0311dff08777686aa9d156c53aed2ea96458a6e9406

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AE9F 466 B
303 B 65ms
63ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYt5fq0AEwAQ&v=APEucNVH9KKPDN-tywz7Llgp0RGBwRaC5e6WInneE_nPSbtT_zetReBClVyDZ4KzvbRjs1kmUsA_D-pCHpWoAD4N6dhQ8yne93eZYwgpCWqpvYwssxma8uiZ2y42X7EgG_ziwVLrnrsNXNVbEhaEuiyFYlPLa7EIreBryuQ9McgdLxy3YZj9_i4

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:09 GMT
expires: Fri, 12 Aug 2022 08:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8DFA 82 KB
34 KB 92ms
89ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOq6SjG0rnX2kiHGnYULu0fOZ_o6e05lwoK6ANx0VwttSA5a1TPmzNpUoijhIoNtDVGmFVVv4fr8pgOuUPEGJtKxUHjg&cry=1&dbm_d=AKAmf-BWxC6s5aZ00zIF07yFgnX8bJJS_uCMZM_jSmatOZ-5qNR8oLFNLjWz-_8o8oaRA5nVgf9CJVfJb88DeCRzmNUDNMK1_2GdBHqxuPptKF3tcpm4AIZUVNk5bdVEA1q0OPygYsPmLoqQU8kn8x4rK7jIa49qh1-qv-IybEKhGjO-_gg-Z7WNkDV-qg_qUXXdKecPNiXVCGTYB7o-geM31N6EBOfZwbmsMWkwewR5Kjhpt-zBR0m3Q9CMr0mwRLTkPv9yP0csbbUd6ounZSO92_Ydn6TifOwlZqMjN725w-MFX6Ye1kpLganjShd0NOrxEIQ-sXwo-I2ZE5O73Kuzfvk1jYR19KF29xriOiKTni6Bb4UPEwfXO21Ra5QV9_8JyOUr-a6CrOjvDzD8GYv9Tj6ZDEBP5JdpjcAWxsAueoSc20BVdpje-qotSU9fBrbw_j10MK737LVBsddtwL6jhyOVR_epmcce5JXYpEbd7MIw83ungK2Po8xGAC8lcUVrSnOTDDKkSYJbF2kejwwHh0aRRJG5V57xSrkKzj7Ptdxv3su7FKgA8wyzZa9oGGiqY0UKPOjLLQXfGeIjGCeRKWW1GQASjCX6ENVgQx1tjUm-c84k-dstTc2ybSdk_sGVpaDlU0gLtYO0JrRkzxJHaQ7BpWGQKFPfqqDT2SsDFngaptyJslFBGVg6tHzn2I429TOnpyQOyCqyNgK8YK9701M2pSLdUkFz4rRg9QLjPnKr9b5-r3ElZBKJ6MihmIlHMFJc5B6DRh_WAkEzazdJZaROVyXK85Vo8KmUBGs4VrpfQFG2RMgZX2CKcmBP355WN1JSRShD_l8ODvWAclq1dqJ_nSSX71Ow1bHGx7DMiQc4oxfnOzYWhsga6YLFSgcC4JZhk5s6JszIe81Hg6bHJ03g-vqKzEhx33djrEB4Oi5QsgIR_XLVYHyko_nJES0G5n2Vk_RLeE17pCy15iIu7Thx9EIoiP1fjZtR9tICCFop2Hp1FT4TotOgkWcHZ8U9GHjfSlHaLDF-UCHt1d_-dik7ntsfrGTcMthSr12CkIDumoSxmRe4MKPraaxOtJv9V__aauAYARuSxo_I-HrpW4qcsyJw3j2zclWQ5ooWb-L_NIjbXqRHSF11vv4ue-oTBHWLIqbmrOMYh1pFuA3rnsJVrkrYbTPKw8W-iqUYgI9rik8V60U1R4u72QP5KYNTAZahxNHGbaLCM8Z_998-QEJTmtV6F7JpfNzGTzTX3r1YlTk0d5VtFIEjaCqzkAkyAp4hFWXnZJjrGhs7EfxW8JngUgw-sPD923zx1QTBenmGqBK00iIevGdsEUZbtgCDdGEoPYMRJ3y7Eyio8QiwH4-9KcH2ODVoTBK0yxsi7pBV2A2PviqABE0-Jbp-_FkNG3gKxZgJDLFVjxhaJrW6HsglDmBQfn0PjeNR_23x9UeShwPMOWjYMddtR6iTy5I5rBgB4gyrV0ASSo0YkrEQ3MAz6sMtxf18kLHhoAn8hr4Jl7HqXIDIba5CXLwGxX0SlYmghyZL1VL7VTQ-PeDEGB8s_ge_NyuQAy9u-vQrh_pG9vDUULXwsidCQKrRgw1fIsLIxFKGNnwljfXX5yHtIX95wOXhgjQ8djloRs8uj6ic_0rcMIvc_khoMtKOdE1MEEtNoX1gNn3HAwzwT8UfAaZJRLoheYeb8oAT_AiEqxH64Y0nK8O8ZBVPgE4Bq8TmvfkIpHK87rRIUn-SBWpoCxxIJ2v9tIa_m5wbHxUuzrWe0tv_ilstAUREgkr1YOeKIhzp3mw8dlbzGG5LQHqWMQPKPZ-UDUDVDWLBuqTWyFlOO3eU2Om1rjOMT98bx76qx-PYLhjt6V3UNuHTkq8TKjyuNuu9A5gU4m3y8Pf-KUUWBSpbAhYDJ8YyRWk-9GxN9luyM3t5rGhe_Ff06rVFr73vG7I_0bwjs5hCQpqKmzYUfhXEnq_pINBdiFe0JDjkMJqCB4FpeETZL1eMjbhwEnboNgAn7UnGeJVrBAY2r0QkjsMvyqHMXSJc7QfACuX-rHWZCmkCw_W_5FYftmlHykUFRs-v_XggYN0MRXs3S4MgWHiv6oMo8U9hTIdZTvfyE_xk_m0fBOPCKd5rYBivY2JqoQ8nqqfsZwyVM33mpIHerGAaOS6A0a_uBck9cIjnrw1QIu0IojQVUJynDE2OeqXRWjuhaOMOx-AMmfsdgCCEBcYiJ7hXDwGxiV0jn9d21HO7kpt_Jeh4jmk0VLQOfPDLH6d7H0tmpk_o1TdH-ywSq0NB4i6b5LL5YUGvHckdKf0g7dxA1fttsslZs-vwSIxLRyG3P9KMlJBpyDB2LNEZOI2db9qqQYE4TwQ1leiZKmRIaRe4mMBPrwfPMQkh54gwDjjd9ObtFP16YZWxLyZgke9j_ZqvzJ3Vu70RUH5G_vMKJ5aKBszsQq1AOYnLWSj_7pFrs4clPghWMEAMoKQwvenbAmtvHJiEDZtF6YustphQFp5D6BhTr5vKJOiRSaFE0Zw7Vou_ukjFvb4ee5E6wXuulu_KH2ulTlDaumaC4RMzH0r9xG6rOcomiB-yNLT3iWM3SK7r4kaR9-Bs8In_X_8CCHqVrfm-ify4e7ZtOESWUx7vdARwysihf9ZQgCpvarJUSiQO-pape3vf1RzH05vN_PSA6F0U_RmsbhfYa7XhqX5Yo3JnTBvh4-He62HhpxGgNmhYiEpvwb4m2FqZdAEWSPG2D3X7ti5bWsk97fTXyKV_n_B-rK9jqkcwz21ay89fcR94H2XyfBkdk8n_wtS2_T6ra4djU4ONnF_xKmQBf0yub1fLiAS1mqu0dLfhQxBT9iPdu624_r9DyZomvgJDwI7l65YlhbcUpBYLtVZVd9mJoDAL7w10SWqesO9X9_jgBJDuSE9PWy8HalzN8rwDf5TCYUZe_kU_8qRDhN5lADDKCAiLi7f1XJwO4DADcV6V-zMSXoUb8zNdLwSb0peIkxsXv4h-Lr2LuTnqxzaftEogOyZBMWJa7OvzPVBel4FUJ6hacn87f3yS0f_yV8M-8OrTY8olUZ8Yv3tnm_v1LDaYDK2RUAGnH1Ujsy_LT-Uk_LDcrKamKJvnMDi0Syh2kfhwOxBBIFOqOwRFywH0clHE0Emt0C8DeGvpfI_lTGk2jFzK5fCbEXBct9jzo3-KQFqqnISn1lXuyKMcsuqEEmSRt0LEY1sQ8hcqQzel5gjtSZhoeo7XPII2AyvNlZnoxE0Ht-ANfuVeFYeFbAziEVu0n0Ir8SEt9ZZYyfFYExgGlNN0gnbB6S2Px4jKK6ycK5AGV1PiCYRuRmJ4cZqsS4zLZBHqrdN207TzuWs_OGWoiF-rp-PTT7S52Nvdix2MHWGiTjqOoJJ6g6YvRJm1MIh4TLiQ-3ZC8eL2YWv7a4P0EY7j8eZgXW65wvGz5eYla7aOzk0KoX2ezfrThEYLa-r2t7_nSA2JnqEITxv_nU3YHIqm0tvW1wTkhr1EjqoCZhloPYgfugdPQR2SSeN5z2FF7OG2FUBMCvehFmPx1IBKIifzRUJvOIxzXncdYR6ReBRRg_zm6YHea2eCRFUCu8LV1Qxr9vmvF68Wi_MFyMndpV8pLzcbMpuvn9vbiK8ZgHnt4NuAors0cLFlaJ96dqV6YGaGHd_ku2Tu6VZk1VaQPgFhCtlltWL-normjjy6w9UeLIfPoMdOimzArs4zzo5rcf-Z2PPEw3fOOdDAwD04uJKChJHmdKe66TCh1yeGEGhLNBfZu9a2dFVpVi8HFTkkEuzG-VHJUSKB4d7Ab1Z0uQeOieTx5Ii1x3OTjVDAGF10tYI6pH0vSlKWJh_8Vc29pnsC4_o4po_Sv5KBHD87il09YWoSVl74wOF8R976DbLirQ4zOllIjJBdv4Qv91mtD_pay_uhEvev2pie_5deu9482YedAixcsI9d6gGXa5ujQMDldPnD06yfgZjWdGOR_zur6-AeXI0laZXuAQYm87o35RMGxPnYBm328Uayuo_f0C_ArBYEbngj_9xrLqoeUoLv8HIB_LmfCzBrx9zSYTrkORgyOlza_JCc4NNF-moX5GTzDv92o-rn6Kj-_y5uTATwgLgLR3NpEvGE59Kzeq27G4EulF6HInrG7vypKneTXTVaROEi9sD7v0H4ZCGPPtYSUDOnmRfjQboZrIiIhIMCADiqEW2OzYu0EU_HQ9eIPuP8sJKIWvliG9xk2mPc9UkUEO8wtlv7fvU8iPYkPFI5KEiB2m7tHud03NZHYEFoo_fLBTS0HDs_cDnfGiLggKrtScQ5QSxKnEN2eSvZeItcO_340bqUQijv5FbMX745_VbY1tjpJdoA5gYB2ImpPPKaxsxpqKy8I6H-eSiCQmjZBh4QMTLsYdePLXw4VTUX03239kzKlSkR7AuLdHEaTMcZ0tQunidPVB5OcZNuxQLaBd0UKqfNDAw9zcoyhW12-wUi4_10MhGjknlhAit4U-6oUVdVdLZ-YNWYAQB_mn8U57NptyIIXPJojhr5p2-pxBH-PYaCoSAamdxJCincVmModIJ8xh4LfYZDhJrwlnT2xG1GqYzw_bGAw36kK_z-salNzxfhQbDcfoOeHGO1Sk3_VvbMO-np9qn2T3QFRw&cid=CAASJ-RoaOuux9Nu_iXlSsX400ryH2FfgR6h-4cG5IHYmZM2c5cnGtzDJQ&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsslA9tc_3JdWYBlKgEjtcWY4zsrg7nyNuxxVzB0FblZkEcD7PxXYuXq9CD7B0hbyTNz7U5sn_NtIaGLAWftqHF0xQFe5wxP7IPz-TApA-wDatjeQxWf52ZkcHIFoIEn32Z54PcL1QqC9scVKgtDLPXhFuiWpsIBQF53_dlAXPFTjm1jLsNShxFlGpsxNOe5Z_maTBmM3k9QCy0Y_V7uPH40KUM04EBR70QkSHXMWPCmxlhqO9lZiPEAFlYbGLEv2m6DkpIvKTI8j-rlb0nZeZgFIYevNn1LXhEINhqSJTOCJrJvifnryR38sQ4mpxJbvCn3p28lRNRk5SsVJ8VpR04%26sai%3DAMfl-YTPLsFyD2Ohxk5f9tKfg1WOBKg-Z40cFwaarr1iQx44ZDY2WyDLhOntUgnUvjFeouXUJtjW_J3xb6g84Xa7Bin-lrOlDNENBjXbHH8-0_HwzcQIhM7LzLN5IbEQ7ge8Sw%26sig%3DCg0ArKJSzNvc3b0Aafc6EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccdf9f68a966e1446a1b1e0836c76cff2323fc37127acc5011a66619f4724b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34766
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DFA 42 B
63 B 85ms
83ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aa0CsxtdURH7EDjj6TDb4-aOqN4WwxC3eptYCQBLqaO2y3zk4ycFpcW4fgxHRfXlsWqL0eaLqij7aLq1B3hUQQhCIBc7V_mXYcearxTgpTLJy6riQ

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 8DFA 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:31:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DFA 140 KB
43 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 08:09:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 8DFA 17 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 08:01:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8DFA 0
0 58ms
57ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXhFlJrkUC9TYHR6Zi5r4EYU-y_jD9xYXwkUJ6XAu9nGwLXzr_sSrB279w42HqL7UsjOiWjqQUDyzhhhcLmYxvzENi0A
Requested by: Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A68 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 07:50:57 GMT
expires: Sat, 12 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6AB8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=verdesmares.com.br&sn=ChromeSyncframe&so=0&topUrl=diariodonordeste.verdesmares.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=wws1sXxEbkZ2cGQ4Mk9DMUNmb2VrT3c2eHlYNG9BQXQyaTgyeWZ4d2VYQ20ybzVxQTdKRitaM0x3THVFSXpGOU1HZHd3a1YzYnBlczNlcWJaU1dqWG8rVzNpbVRlbTF3QjdFQmdGZ2dkd05wb1hrb1lXbnpEK2FTVHVEQn...

446 B
652 B

105ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wws1sXxEbkZ2cGQ4Mk9DMUNmb2VrT3c2eHlYNG9BQXQyaTgyeWZ4d2VYQ20ybzVxQTdKRitaM0x3THVFSXpGOU1HZHd3a1YzYnBlczNlcWJaU1dqWG8rVzNpbVRlbTF3QjdFQmdGZ2dkd05wb1hrb1lXbnpEK2FTVHVEQnRGTDFuM1IzTHBROTZxUTh0VEVSM2FuMC9JQ1Q0V2FqTzh2bTVKcldsVlB0QjJWVUcrS01GeWd3SGlkSGdPeWNPVmNJK01QeEs4OHI3VjV1Y3p5Q20wZk5YdDNpRXJmanNCdnp3SEI4SXVuODJseFUzU2pKZmJMd29EMklZMXRUTFozR0Flc1EzRjdsNjRzZkRGU1dhcEFoRGVDMGpwQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4e3f2a2924f1eecf8aa3c2c031852a70f212fd292f89abc215bc95b20666e120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:08 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5545
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:08 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=wws1sXxEbkZ2cGQ4Mk9DMUNmb2VrT3c2eHlYNG9BQXQyaTgyeWZ4d2VYQ20ybzVxQTdKRitaM0x3THVFSXpGOU1HZHd3a1YzYnBlczNlcWJaU1dqWG8rVzNpbVRlbTF3QjdFQmdGZ2dkd05wb1hrb1lXbnpEK2FTVHVEQnRGTDFuM1IzTHBROTZxUTh0VEVSM2FuMC9JQ1Q0V2FqTzh2bTVKcldsVlB0QjJWVUcrS01GeWd3SGlkSGdPeWNPVmNJK01QeEs4OHI3VjV1Y3p5Q20wZk5YdDNpRXJmanNCdnp3SEI4SXVuODJseFUzU2pKZmJMd29EMklZMXRUTFozR0Flc1EzRjdsNjRzZkRGU1dhcEFoRGVDMGpwQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1784
content-length: 541
expires: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6939886865094433283/ Frame 4E82 469 KB
60 KB 75ms
68ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6939886865094433283/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8218c315218c15e52dc7c4a716ff5c76f8924801532c04e024ffa4041ed1bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 08:09:09 GMT
expires: Sat, 12 Aug 2023 08:09:09 GMT
last-modified: Thu, 04 Aug 2022 14:02:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC3F 0
27 B 82ms
80ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst84RaqKwYK_DP9jEQ-3UG0hWx9_rZPtv002xMV-igrLm-9VMdT7Op0JKGa1rW-D8iRsVzI33DZVJoxzXmTScxKQR1s4qK4wshvZDfxaQhcpn_ruUTOr-islSAZjMMvAyRQyS1_LdbMhyCS9A8g6V6LbFGqk9_y64xGMRCY6ZBAMcFbo-AcTmbrWtJFIOZmIDresLiwYTwBnqPKtEEkrFKaOgsmhOCzs8LHO7nnBob8ALf037LU-g9-b3fi47ZxdEiLRJ1l7leqVtJT4ErgK85zjojCBj4Uv8AqHDAbuVDCwSOHqUl8RjgYFGggsHVwE573ENn42rAl6GJxDmRXLgSfkP8W99VfPCdUn3BQIVxZEDbj2yJCAmBpAbR9FU3c0QC8v-4dAqas1XEd0UpMKOpHMZucYaEBVfJzSi6PppaEAR2P43dp5EMa2-aOrzMNLTcJEY4-lif_FxHmCKs-qOyzIVPnMaqD3Q0PJ5zpeGwIBcrOfrT3FZWqgLLuhw-9m902pf0qOy2-N8QioHKYX-sVca79gGIXrOfko-OK426iQjF5XVTHBjBXAM1feVtk2oA6dPxJoHfJVp1JQjggO6BE4YDbEf9CCl6aU7jqX0aWg1YkXrU2QkTXhJ829kCjP4zkeo_JFNkmQWeZ6B4ymVH5xvlHEpeZObR3ES8KUUlu-c9gv8HWw0KpLaeY_ULp0xaaZ9_OhZqFdzp10GP8EtU3MWxF0AG9JO1HBuEYQ5IPErX_7rdCKG20REovCFT5TFpjNbFBWZogv-V0BgTfnqUOcarqCs8DulTI7hUDrLbZTPi2DOav82ojX37V90BiZ9b0xBZ7jY7O5L-eefT4sXHBLkK7PEv4DJuVds7M2PFCV0za_IgRus1zUohiQB36jCuV9V4-MT5qRqamwi9SQ7uMs6p3Xk9ir7oWNZz_2TIUbxxN_D6n4Fzr2iPlKBhQR5LDhrVtn_3ERfZR8p3yvTKFROxJVufFtk_1t8_iKiQhj2-MZzgoOedkx9Fx_3sRYiliWgzVUfmcWufoaL8UbNxxGBHhvwNKqyIQZY9NJzAJmT7kH2sgZzu0DmSXaIpXwJXXMe6KFIdNxUUw73jmjTpznQR9cT2g2eBVhkUaYCU_6LdDPyRzCvx1R0Yw7eBE1M7vwW2JRq58cJ9jh3TuM-6eG_hVIFF8Wp97TkxD-z7JmAC7tpah335-_LA6tBbQ4l4BBhZFOPgDKVxh4i9DUyAo8M4TGa6NhbNm5BGNtaqz23cjeRiIc_4iaEsLVu0RoX-X0PJoA3tLAhFFo0pdLtv-6FQP3UTNW_P8MRx-aDqAbdLg-QcIaZnF26piErH2R8HElHHn1nAcNNqIPulSAh5zMvdEynWtvRnZaCeXLHJEQjT9tuZ2KUhDhqhvpExfmZJVC5YoGh027ZM7ku2mtRig4m_lnd1EAoRVXsA6kJC8nN8sm3LEgkYjEUPHjNNcEtVPC8oys9VNtoVoVw3XTtDieaQJiUKjy0JM2dKkxkAAvzYXK5zNSFQUDLUSY2rT2nqux2z32ggHmcuMsuM4xlw96e37-1UV_NcvintDwPXEb8sYM2JYv7iLqJIilMg&sai=AMfl-YQrs3Nqf4GFP0cARGyRjXD5PMLjtXqNUCKXCSN8ZpbRHHtKfSL8OXC10VIM6D3IeXrAO4mg53vvJ-OaAm9YiKFsHlSLwQNof56UtDxNi-8WkcUN-PhbA4d0mKYaEpi3HA7iU6eKL2pZyGoRoIK_NP9SAeTZwCR4O_ETKM6mDtBgtQovlcj11ikklQZGEsDGd9yC40XtdUWLYbeqLo5PqYVWJ8LVIO25w9YptK0sXvUBDt7-7gR6bLda9rkrYeG0ohl9RKg81tU9K2kYma5nuI_d6pP7iTtWPPe0k1XXA7MqJNl6ao41nHNIJ1u7HMBz0DXa4iwQ5TbAKQOvClax70nxtIgwPUzE9BbF0VrC1-jfJ3RXwikx&sig=Cg0ArKJSzAetsMb8oYsoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=156&cisv=r20220810.92703&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 12 Aug 2022 08:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A68 36 KB
14 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:42:27 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame AE9F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMXq00lEsEJH5rsoVr2Pb5A&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMXq00lEsEJH5rsoVr2Pb5A&google_cver=1&__user_check__=1&sync_id=0b2e010e-1a16-11ed-91ed-19da87bf0306

43 B
549 B

17ms
17ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMXq00lEsEJH5rsoVr2Pb5A&google_cver=1&__user_check__=1&sync_id=0b2e010e-1a16-11ed-91ed-19da87bf0306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYt5fq0AEwAQ&v=APEucNVH9KKPDN-tywz7Llgp0RGBwRaC5e6WInneE_nPSbtT_zetReBClVyDZ4KzvbRjs1kmUsA_D-pCHpWoAD4N6dhQ8yne93eZYwgpCWqpvYwssxma8uiZ2y42X7EgG_ziwVLrnrsNXNVbEhaEuiyFYlPLa7EIreBryuQ9McgdLxy3YZj9_i4
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 08:09:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 127
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 12 Aug 2022 08:09:09 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEMXq00lEsEJH5rsoVr2Pb5A&google_cver=1&__user_check__=1&sync_id=0b2e010e-1a16-11ed-91ed-19da87bf0306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 136
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE9F
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGIyZGM2NTYtMWExNi0xMWVkLWI5NWEtMTBkNGM2YjIwNTA2

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGIyZGM2NTYtMWExNi0xMWVkLWI5NWEtMTBkNGM2YjIwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTZHBCShCkYt5fq0AEwAQ&v=APEucNVH9KKPDN-tywz7Llgp0RGBwRaC5e6WInneE_nPSbtT_zetReBClVyDZ4KzvbRjs1kmUsA_D-pCHpWoAD4N6dhQ8yne93eZYwgpCWqpvYwssxma8uiZ2y42X7EgG_ziwVLrnrsNXNVbEhaEuiyFYlPLa7EIreBryuQ9McgdLxy3YZj9_i4

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 12 Aug 2022 08:09:09 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MGIyZGM2NTYtMWExNi0xMWVkLWI5NWEtMTBkNGM2YjIwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE9F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yaUtDSVQ5RTJ1R3VCZHpsU243cC50b3JsUmlpUV9RYn5B

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yaUtDSVQ5RTJ1R3VCZHpsU243cC50b3JsUmlpUV9RYn5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1yaUtDSVQ5RTJ1R3VCZHpsU243cC50b3JsUmlpUV9RYn5B
date: Fri, 12 Aug 2022 08:09:09 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8DFA 106 KB
37 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Origin: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 8DFA 8 KB
3 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOq6SjG0rnX2kiHGnYULu0fOZ_o6e05lwoK6ANx0VwttSA5a1TPmzNpUoijhIoNtDVGmFVVv4fr8pgOuUPEGJtKxUHjg&cry=1&dbm_d=AKAmf-BWxC6s5aZ00zIF07yFgnX8bJJS_uCMZM_jSmatOZ-5qNR8oLFNLjWz-_8o8oaRA5nVgf9CJVfJb88DeCRzmNUDNMK1_2GdBHqxuPptKF3tcpm4AIZUVNk5bdVEA1q0OPygYsPmLoqQU8kn8x4rK7jIa49qh1-qv-IybEKhGjO-_gg-Z7WNkDV-qg_qUXXdKecPNiXVCGTYB7o-geM31N6EBOfZwbmsMWkwewR5Kjhpt-zBR0m3Q9CMr0mwRLTkPv9yP0csbbUd6ounZSO92_Ydn6TifOwlZqMjN725w-MFX6Ye1kpLganjShd0NOrxEIQ-sXwo-I2ZE5O73Kuzfvk1jYR19KF29xriOiKTni6Bb4UPEwfXO21Ra5QV9_8JyOUr-a6CrOjvDzD8GYv9Tj6ZDEBP5JdpjcAWxsAueoSc20BVdpje-qotSU9fBrbw_j10MK737LVBsddtwL6jhyOVR_epmcce5JXYpEbd7MIw83ungK2Po8xGAC8lcUVrSnOTDDKkSYJbF2kejwwHh0aRRJG5V57xSrkKzj7Ptdxv3su7FKgA8wyzZa9oGGiqY0UKPOjLLQXfGeIjGCeRKWW1GQASjCX6ENVgQx1tjUm-c84k-dstTc2ybSdk_sGVpaDlU0gLtYO0JrRkzxJHaQ7BpWGQKFPfqqDT2SsDFngaptyJslFBGVg6tHzn2I429TOnpyQOyCqyNgK8YK9701M2pSLdUkFz4rRg9QLjPnKr9b5-r3ElZBKJ6MihmIlHMFJc5B6DRh_WAkEzazdJZaROVyXK85Vo8KmUBGs4VrpfQFG2RMgZX2CKcmBP355WN1JSRShD_l8ODvWAclq1dqJ_nSSX71Ow1bHGx7DMiQc4oxfnOzYWhsga6YLFSgcC4JZhk5s6JszIe81Hg6bHJ03g-vqKzEhx33djrEB4Oi5QsgIR_XLVYHyko_nJES0G5n2Vk_RLeE17pCy15iIu7Thx9EIoiP1fjZtR9tICCFop2Hp1FT4TotOgkWcHZ8U9GHjfSlHaLDF-UCHt1d_-dik7ntsfrGTcMthSr12CkIDumoSxmRe4MKPraaxOtJv9V__aauAYARuSxo_I-HrpW4qcsyJw3j2zclWQ5ooWb-L_NIjbXqRHSF11vv4ue-oTBHWLIqbmrOMYh1pFuA3rnsJVrkrYbTPKw8W-iqUYgI9rik8V60U1R4u72QP5KYNTAZahxNHGbaLCM8Z_998-QEJTmtV6F7JpfNzGTzTX3r1YlTk0d5VtFIEjaCqzkAkyAp4hFWXnZJjrGhs7EfxW8JngUgw-sPD923zx1QTBenmGqBK00iIevGdsEUZbtgCDdGEoPYMRJ3y7Eyio8QiwH4-9KcH2ODVoTBK0yxsi7pBV2A2PviqABE0-Jbp-_FkNG3gKxZgJDLFVjxhaJrW6HsglDmBQfn0PjeNR_23x9UeShwPMOWjYMddtR6iTy5I5rBgB4gyrV0ASSo0YkrEQ3MAz6sMtxf18kLHhoAn8hr4Jl7HqXIDIba5CXLwGxX0SlYmghyZL1VL7VTQ-PeDEGB8s_ge_NyuQAy9u-vQrh_pG9vDUULXwsidCQKrRgw1fIsLIxFKGNnwljfXX5yHtIX95wOXhgjQ8djloRs8uj6ic_0rcMIvc_khoMtKOdE1MEEtNoX1gNn3HAwzwT8UfAaZJRLoheYeb8oAT_AiEqxH64Y0nK8O8ZBVPgE4Bq8TmvfkIpHK87rRIUn-SBWpoCxxIJ2v9tIa_m5wbHxUuzrWe0tv_ilstAUREgkr1YOeKIhzp3mw8dlbzGG5LQHqWMQPKPZ-UDUDVDWLBuqTWyFlOO3eU2Om1rjOMT98bx76qx-PYLhjt6V3UNuHTkq8TKjyuNuu9A5gU4m3y8Pf-KUUWBSpbAhYDJ8YyRWk-9GxN9luyM3t5rGhe_Ff06rVFr73vG7I_0bwjs5hCQpqKmzYUfhXEnq_pINBdiFe0JDjkMJqCB4FpeETZL1eMjbhwEnboNgAn7UnGeJVrBAY2r0QkjsMvyqHMXSJc7QfACuX-rHWZCmkCw_W_5FYftmlHykUFRs-v_XggYN0MRXs3S4MgWHiv6oMo8U9hTIdZTvfyE_xk_m0fBOPCKd5rYBivY2JqoQ8nqqfsZwyVM33mpIHerGAaOS6A0a_uBck9cIjnrw1QIu0IojQVUJynDE2OeqXRWjuhaOMOx-AMmfsdgCCEBcYiJ7hXDwGxiV0jn9d21HO7kpt_Jeh4jmk0VLQOfPDLH6d7H0tmpk_o1TdH-ywSq0NB4i6b5LL5YUGvHckdKf0g7dxA1fttsslZs-vwSIxLRyG3P9KMlJBpyDB2LNEZOI2db9qqQYE4TwQ1leiZKmRIaRe4mMBPrwfPMQkh54gwDjjd9ObtFP16YZWxLyZgke9j_ZqvzJ3Vu70RUH5G_vMKJ5aKBszsQq1AOYnLWSj_7pFrs4clPghWMEAMoKQwvenbAmtvHJiEDZtF6YustphQFp5D6BhTr5vKJOiRSaFE0Zw7Vou_ukjFvb4ee5E6wXuulu_KH2ulTlDaumaC4RMzH0r9xG6rOcomiB-yNLT3iWM3SK7r4kaR9-Bs8In_X_8CCHqVrfm-ify4e7ZtOESWUx7vdARwysihf9ZQgCpvarJUSiQO-pape3vf1RzH05vN_PSA6F0U_RmsbhfYa7XhqX5Yo3JnTBvh4-He62HhpxGgNmhYiEpvwb4m2FqZdAEWSPG2D3X7ti5bWsk97fTXyKV_n_B-rK9jqkcwz21ay89fcR94H2XyfBkdk8n_wtS2_T6ra4djU4ONnF_xKmQBf0yub1fLiAS1mqu0dLfhQxBT9iPdu624_r9DyZomvgJDwI7l65YlhbcUpBYLtVZVd9mJoDAL7w10SWqesO9X9_jgBJDuSE9PWy8HalzN8rwDf5TCYUZe_kU_8qRDhN5lADDKCAiLi7f1XJwO4DADcV6V-zMSXoUb8zNdLwSb0peIkxsXv4h-Lr2LuTnqxzaftEogOyZBMWJa7OvzPVBel4FUJ6hacn87f3yS0f_yV8M-8OrTY8olUZ8Yv3tnm_v1LDaYDK2RUAGnH1Ujsy_LT-Uk_LDcrKamKJvnMDi0Syh2kfhwOxBBIFOqOwRFywH0clHE0Emt0C8DeGvpfI_lTGk2jFzK5fCbEXBct9jzo3-KQFqqnISn1lXuyKMcsuqEEmSRt0LEY1sQ8hcqQzel5gjtSZhoeo7XPII2AyvNlZnoxE0Ht-ANfuVeFYeFbAziEVu0n0Ir8SEt9ZZYyfFYExgGlNN0gnbB6S2Px4jKK6ycK5AGV1PiCYRuRmJ4cZqsS4zLZBHqrdN207TzuWs_OGWoiF-rp-PTT7S52Nvdix2MHWGiTjqOoJJ6g6YvRJm1MIh4TLiQ-3ZC8eL2YWv7a4P0EY7j8eZgXW65wvGz5eYla7aOzk0KoX2ezfrThEYLa-r2t7_nSA2JnqEITxv_nU3YHIqm0tvW1wTkhr1EjqoCZhloPYgfugdPQR2SSeN5z2FF7OG2FUBMCvehFmPx1IBKIifzRUJvOIxzXncdYR6ReBRRg_zm6YHea2eCRFUCu8LV1Qxr9vmvF68Wi_MFyMndpV8pLzcbMpuvn9vbiK8ZgHnt4NuAors0cLFlaJ96dqV6YGaGHd_ku2Tu6VZk1VaQPgFhCtlltWL-normjjy6w9UeLIfPoMdOimzArs4zzo5rcf-Z2PPEw3fOOdDAwD04uJKChJHmdKe66TCh1yeGEGhLNBfZu9a2dFVpVi8HFTkkEuzG-VHJUSKB4d7Ab1Z0uQeOieTx5Ii1x3OTjVDAGF10tYI6pH0vSlKWJh_8Vc29pnsC4_o4po_Sv5KBHD87il09YWoSVl74wOF8R976DbLirQ4zOllIjJBdv4Qv91mtD_pay_uhEvev2pie_5deu9482YedAixcsI9d6gGXa5ujQMDldPnD06yfgZjWdGOR_zur6-AeXI0laZXuAQYm87o35RMGxPnYBm328Uayuo_f0C_ArBYEbngj_9xrLqoeUoLv8HIB_LmfCzBrx9zSYTrkORgyOlza_JCc4NNF-moX5GTzDv92o-rn6Kj-_y5uTATwgLgLR3NpEvGE59Kzeq27G4EulF6HInrG7vypKneTXTVaROEi9sD7v0H4ZCGPPtYSUDOnmRfjQboZrIiIhIMCADiqEW2OzYu0EU_HQ9eIPuP8sJKIWvliG9xk2mPc9UkUEO8wtlv7fvU8iPYkPFI5KEiB2m7tHud03NZHYEFoo_fLBTS0HDs_cDnfGiLggKrtScQ5QSxKnEN2eSvZeItcO_340bqUQijv5FbMX745_VbY1tjpJdoA5gYB2ImpPPKaxsxpqKy8I6H-eSiCQmjZBh4QMTLsYdePLXw4VTUX03239kzKlSkR7AuLdHEaTMcZ0tQunidPVB5OcZNuxQLaBd0UKqfNDAw9zcoyhW12-wUi4_10MhGjknlhAit4U-6oUVdVdLZ-YNWYAQB_mn8U57NptyIIXPJojhr5p2-pxBH-PYaCoSAamdxJCincVmModIJ8xh4LfYZDhJrwlnT2xG1GqYzw_bGAw36kK_z-salNzxfhQbDcfoOeHGO1Sk3_VvbMO-np9qn2T3QFRw&cid=CAASJ-RoaOuux9Nu_iXlSsX400ryH2FfgR6h-4cG5IHYmZM2c5cnGtzDJQ&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsslA9tc_3JdWYBlKgEjtcWY4zsrg7nyNuxxVzB0FblZkEcD7PxXYuXq9CD7B0hbyTNz7U5sn_NtIaGLAWftqHF0xQFe5wxP7IPz-TApA-wDatjeQxWf52ZkcHIFoIEn32Z54PcL1QqC9scVKgtDLPXhFuiWpsIBQF53_dlAXPFTjm1jLsNShxFlGpsxNOe5Z_maTBmM3k9QCy0Y_V7uPH40KUM04EBR70QkSHXMWPCmxlhqO9lZiPEAFlYbGLEv2m6DkpIvKTI8j-rlb0nZeZgFIYevNn1LXhEINhqSJTOCJrJvifnryR38sQ4mpxJbvCn3p28lRNRk5SsVJ8VpR04%26sai%3DAMfl-YTPLsFyD2Ohxk5f9tKfg1WOBKg-Z40cFwaarr1iQx44ZDY2WyDLhOntUgnUvjFeouXUJtjW_J3xb6g84Xa7Bin-lrOlDNENBjXbHH8-0_HwzcQIhM7LzLN5IbEQ7ge8Sw%26sig%3DCg0ArKJSzNvc3b0Aafc6EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:48:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 8DFA 30 KB
12 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:43:39 GMT

POST
H/1.1 200
OK ingest.php
events.newsroom.bi/ 2 B
844 B 16ms
13ms Ping
application/json 188.40.92.96
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIu9epY0cQ9hqvTrq

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4E82 29 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6939886865094433283/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6939886865094433283/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 05:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Aug 2022 05:27:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8DFA 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
URL: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Aug 2023 07:50:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8DFA 0
0 70ms
69ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugLGpC1pFbVemi1JTdClzi7mt9lbf8dqt_rfHLrx-6LJKOx-jUsvKYMy18hz99SXOtJhc7rT1XJrUFZthklyt0n8fLGSjJyAT2EGvmM8vsJUxZC1pQ6Vn1ni7muxS38JiJWTKtG0PYFM1C7y7V9IPQy_1qb5e77JifM7-QG9aCdDvYM8J4YFrDJzYBB5VOZLua2QBzHYew1-cQzRstYKKPMINFg0iPz9zNbeHZw7NvYVjBH7P5UD1HlcQis7OeEex71XV7nH-ROgxwuWmHrX_TPYV8_hu4eJ4XVEB-tdA0Q5im5r_ly5U2bBA18L3VqhB98wNVu8QTJt8TXilRNa5rWDWsXg&sai=AMfl-YRJARe8MrJrn7W65eUaoz10xoc2g7L-HWDaEg2z8NxWtFHswef6bISytU22fZ2I2QrsI1bnIiGGDf8T33iC3Vp6oUHf1dfabr_pgShbc_AVFXjHRGBOfZbaImlcXzO85Q&sig=Cg0ArKJSzDrGOy3sRf2jEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Aug 2022 08:09:09 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2738980368435975814/ Frame 482F 421 KB
59 KB 40ms
40ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2738980368435975814/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b228215c0109522ab2362e8e8d7ccd042ddac4a5bd5754790e70ae27776ce63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 350839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 60861
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Aug 2022 06:41:50 GMT
expires: Tue, 08 Aug 2023 06:41:50 GMT
last-modified: Thu, 04 Aug 2022 14:03:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8DFA 0
27 B 81ms
80ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurLvyWjAmS_xHdSIHU2ILwUs0XQcJYRNVoOLbPhXOirBmQUMVy4A-jPcozPeS2Z4BopfUSnj2EeFGl7UyeiRtyP4sx-Yl3rLdZ2B5CFVxjRpdTAwFQW2R00QtoN_QHrFY7UAi3i-XsXTvqXCFXeHxLjtpkFHH5Sq3usEDJDwPgokxQsbN2F_l0S7Wjhlgrcoc-GC6WpR_kloSPvBQzQq53iSxXS4jBlJrHlg2oy5Ej92ArgcYOXkT2OdOmoe4GridlrIjc66Vbs7zfGx7MrrSIXHaODG0xFsY_rsYT_wHn7f_qoTS5K-q889E____R9wYXYhL6OsOTY7vmSTxzGbwePHCCxOTce7NQQv02iqsrH_TWHzI2tGZGZEWpJX-uuqrNosCnokzAq1rcZMljUPN4zr6fwXOivvt079FKRv_UUt92w-SrGycx8Ng9PnT1U4ZA8RHgirzr_zxBD9WIPI3-5FP60DwHjKpfvM4Qzppbdmcvxs02ArPSYzAyBL4YewFiC4BlqgvyMko6vXTH9WD40g9w4L7jg_aiX1aB_GnZG-VJGu9-IuJ6jTkSUbJOwG6jPN5TPz_FMVLZlwMRqo0vNcMLlLJQ0zVNRF7ew11w9-tgIQ7-ZdZoxViQGWnFWR8LwHorcVpEHHCBndWzmvUail0odLyRNrR5SZkSwNvGBmOR8puXFtCCqLBFoXDyuiUSdsimX0Tcq8HJZCiZ_Ed7iPTViF_-ZzvzB9uYVW5CGRKe7restPPBu9lA_XApIDkDnm452pXkhAW4NjzhmoiyEzbs2G4l3L4UnYzcNNFdFPulaA5-hUwCiP8eBYAsbr5H1x0rUsoP4ImaqTOFRyJ_Cw7ykvyhoxqyNKLzKP72BorVrHwfvgaB1dMP58U1jBQs88u2HJ5Z8CDzp2WbwZknGt8MvzjxwrbdTbgkFs6-I4LMq_sDgrQ0Bi3ZG_gC9SHqflL2QFDOQwsFU7pAcbEJSB9l8h3HC7n1hxCPOVXZInMRVpslnvbubv7m1EusvRLZYsuhkBID5URnzyKLGqFkVJq0UE_jS8s5Fw0t6PY38IWUtqKL9rV5oZ2elrhsLs9bLQFNoSin02t-oULFsNua4LIlETQF7Xfuq0X5LFrTVgESNC9Fv0gG2fx8vZCuAw-HuH3PddWSmmPdtRO_PDoECANOLsNbhRFMwZa-YANMiSn1Uj5HtTTIk_fRrus3tiFF-PPJKV0gwOQq3WQEUtRgFvWlo5SefgICAZwELzOXUZVU40RkKECd2lKXWm-l7QV7zCQy0xM1ZFS502uIF9miygUTs8_5Wwxt7pjh0Yt_LXG7ke7vtu1Z0hvEdBt4--1htDyxqyz_2oWD0lVMdotZ_-v39_Y1kY03upJnxiI4x9mpi19df7NNy4S0KILJ3Tfr_cGTuxgDfQXh5OjLjM4KfvbPuNhm8E7ngjGuRdqssrstFBhR7PshoKOgXyZ-5Pt8rnzWHlxzgqCa1DsznGcd7tmS246ekkSmUVE0yQS6C5TEUwFSE3EhybqCxS9hm7IaWiV2XSWoCmTjdRWZCX-4aZdKtsjc8DVptWoLD1G_pJImt_kwdZET&sai=AMfl-YQ31kS8WNObHfxaUIfg5ySO9C2_TRo3yFO2QyaKC_uIz3JlMO0t9QFqwvqy27D2oPX5RRFaRZqHA369a_20UEVlS9R6x9DLq-zu4xtWvu7WWZoSjzRquK5DkIq7ELjU6vEhWbMA53W8tt6D_QNCnwtp3oA6ZH4OShtZNKjkzUms9vGFp1fBHk6-Warem_oGA2hY1U5NtiV1MrE66_jI-D09NlFIaJuwbGFxYAwhmUB-o0Mh_K5y3p_EE4CetleHitgSQ3OP-Ntq3iEFC0NPCNszzBBp_tJDWWpFqscn1WoyqT_iPlO9uTLzgiVqdK_aiPyo2_y8HX_fyQkMlTFtdRrh5guKlLqYdhj2twEPCD3_6V3vDkT1&sig=Cg0ArKJSzFXqx2NNKxPJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=115&cbvp=1&cstd=113&cisv=r20220810.50883&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 12 Aug 2022 08:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 8DFA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea9bf0e241a3ee16a940379ebf96c01051d6bec20d23e62a4ce3551287825e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 textura.png
s0.2mdn.net/sadbundle/6939886865094433283/ Frame 4E82 2 KB
2 KB 61ms
61ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6939886865094433283/textura.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6939886865094433283/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9abfe410f80640f7a82bc7f54d163b6a5746772356848c63cebe518db079dd8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6939886865094433283/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2339
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 14:02:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Aug 2023 08:09:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9987 0
0 69ms
69ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYgNCS33tWYtp1SraWrYv2uQgLmD1THujQONsjnX_RPP85cBXZc1U9mROWrV_b0ElSBbFB-pTB8Rz3sDtSsK4ThReB5kcIt7CPKvup_4bPOuZzT3aL4dnrJp2FOkw8AbNy17KTnfMn-Tiqppilc_poGUfrHwcUnF86tTYT6w4Djf8nc55q-pERCfOIA9MkaLAdhTC4F-HRq1y-7ssSixt27cIMR1cSbdpNVURCjIQzAbj_ND979hSTiZeO3fOzpYOHCzN0TMhM6WOv04TMsQUoCPuWSIgwRYL2SYOb5eWMoU1yIApSgtbmAQ4S6iDW9tVDn5QwOilIPIVbTg&sai=AMfl-YQQYGeeDrzfHlXWjZDoJuZrRqoalrN78n5Md9-WZaMIymXP7tfJaqarfrpMFoWPhGu4ILzYeMbyhegLJvO7LnXZSQDpuPJdL-vsvzjWCgOa&sig=Cg0ArKJSzBW8IZRSWZ1jEAE&uach_m=[UACH]&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 9987 23 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 08:00:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 9987 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 07:31:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9987 140 KB
43 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 08:09:09 GMT

GET
H3 200 15827778470159345466
tpc.googlesyndication.com/simgad/ Frame 9987 238 KB
238 KB 39ms
38ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15827778470159345466

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd80b28a2d575ef9fe53f5725d2d0e12118f8658ef9da0f0b3f9bd3438203970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 18:33:27 GMT
x-content-type-options: nosniff
age: 308142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243518
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 22:25:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 18:33:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3602 22 KB
8 KB 38ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 07:50:57 GMT
expires: Sat, 12 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 482F 29 KB
10 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2738980368435975814/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2738980368435975814/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 05:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Aug 2022 05:27:08 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AC3F 0
26 B 71ms
70ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst84RaqKwYK_DP9jEQ-3UG0hWx9_rZPtv002xMV-igrLm-9VMdT7Op0JKGa1rW-D8iRsVzI33DZVJoxzXmTScxKQR1s4qK4wshvZDfxaQhcpn_ruUTOr-islSAZjMMvAyRQyS1_LdbMhyCS9A8g6V6LbFGqk9_y64xGMRCY6ZBAMcFbo-AcTmbrWtJFIOZmIDresLiwYTwBnqPKtEEkrFKaOgsmhOCzs8LHO7nnBob8ALf037LU-g9-b3fi47ZxdEiLRJ1l7leqVtJT4ErgK85zjojCBj4Uv8AqHDAbuVDCwSOHqUl8RjgYFGggsHVwE573ENn42rAl6GJxDmRXLgSfkP8W99VfPCdUn3BQIVxZEDbj2yJCAmBpAbR9FU3c0QC8v-4dAqas1XEd0UpMKOpHMZucYaEBVfJzSi6PppaEAR2P43dp5EMa2-aOrzMNLTcJEY4-lif_FxHmCKs-qOyzIVPnMaqD3Q0PJ5zpeGwIBcrOfrT3FZWqgLLuhw-9m902pf0qOy2-N8QioHKYX-sVca79gGIXrOfko-OK426iQjF5XVTHBjBXAM1feVtk2oA6dPxJoHfJVp1JQjggO6BE4YDbEf9CCl6aU7jqX0aWg1YkXrU2QkTXhJ829kCjP4zkeo_JFNkmQWeZ6B4ymVH5xvlHEpeZObR3ES8KUUlu-c9gv8HWw0KpLaeY_ULp0xaaZ9_OhZqFdzp10GP8EtU3MWxF0AG9JO1HBuEYQ5IPErX_7rdCKG20REovCFT5TFpjNbFBWZogv-V0BgTfnqUOcarqCs8DulTI7hUDrLbZTPi2DOav82ojX37V90BiZ9b0xBZ7jY7O5L-eefT4sXHBLkK7PEv4DJuVds7M2PFCV0za_IgRus1zUohiQB36jCuV9V4-MT5qRqamwi9SQ7uMs6p3Xk9ir7oWNZz_2TIUbxxN_D6n4Fzr2iPlKBhQR5LDhrVtn_3ERfZR8p3yvTKFROxJVufFtk_1t8_iKiQhj2-MZzgoOedkx9Fx_3sRYiliWgzVUfmcWufoaL8UbNxxGBHhvwNKqyIQZY9NJzAJmT7kH2sgZzu0DmSXaIpXwJXXMe6KFIdNxUUw73jmjTpznQR9cT2g2eBVhkUaYCU_6LdDPyRzCvx1R0Yw7eBE1M7vwW2JRq58cJ9jh3TuM-6eG_hVIFF8Wp97TkxD-z7JmAC7tpah335-_LA6tBbQ4l4BBhZFOPgDKVxh4i9DUyAo8M4TGa6NhbNm5BGNtaqz23cjeRiIc_4iaEsLVu0RoX-X0PJoA3tLAhFFo0pdLtv-6FQP3UTNW_P8MRx-aDqAbdLg-QcIaZnF26piErH2R8HElHHn1nAcNNqIPulSAh5zMvdEynWtvRnZaCeXLHJEQjT9tuZ2KUhDhqhvpExfmZJVC5YoGh027ZM7ku2mtRig4m_lnd1EAoRVXsA6kJC8nN8sm3LEgkYjEUPHjNNcEtVPC8oys9VNtoVoVw3XTtDieaQJiUKjy0JM2dKkxkAAvzYXK5zNSFQUDLUSY2rT2nqux2z32ggHmcuMsuM4xlw96e37-1UV_NcvintDwPXEb8sYM2JYv7iLqJIilMg&sai=AMfl-YQrs3Nqf4GFP0cARGyRjXD5PMLjtXqNUCKXCSN8ZpbRHHtKfSL8OXC10VIM6D3IeXrAO4mg53vvJ-OaAm9YiKFsHlSLwQNof56UtDxNi-8WkcUN-PhbA4d0mKYaEpi3HA7iU6eKL2pZyGoRoIK_NP9SAeTZwCR4O_ETKM6mDtBgtQovlcj11ikklQZGEsDGd9yC40XtdUWLYbeqLo5PqYVWJ8LVIO25w9YptK0sXvUBDt7-7gR6bLda9rkrYeG0ohl9RKg81tU9K2kYma5nuI_d6pP7iTtWPPe0k1XXA7MqJNl6ao41nHNIJ1u7HMBz0DXa4iwQ5TbAKQOvClax70nxtIgwPUzE9BbF0VrC1-jfJ3RXwikx&sig=Cg0ArKJSzAetsMb8oYsoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=457&vt=11&dtpt=299&dett=3&cstd=156&cisv=r20220810.92703&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9987 0
0 69ms
69ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzlf3xmSpISRM2NFO6aALIRRvjNVFolygmbwsg4rjKOT2xodWV3G-PI5LI9eqN9ervIbx-bRo4HuQDvU5-wrAf66YZGn-AMytT4Ehc3VCjkBpdjIVe6EhEcBz920WZH3VkYab8uddyBB8xdDcbc6-f46n9WH3EpNQQx-i5AL3WTqBRvzuuQVIuj9E_Hvzsp_lUkZLFQB-e_eoRJiGcQjhl7fEeJgSpYsdVmOoxyJymmpAknIIqL8HlmnGu3S6OvOtfbp4M_duCBiv6vQb4-y_GV4bDw9EsLZgQ40HTJv0rsPo6FVyH0IfX-i1uYsfBetgT9rI8rfJ_1prk5Mu6&sai=AMfl-YQ3kqER1oSZHAIL2sRljynBPlzyDfU-Q0NiNUovx1ZoKS4t0bpTJ2OWgd0YdH5_B1GbTKgPOwnC60NIuU0ptCj_bFFjrY2UMv1sf7G8Inq_&sig=Cg0ArKJSzOnpiJ7xD4M3EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 12 Aug 2022 08:09:09 GMT

GET
DATA 200
OK truncated
/ Frame 9987 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d0d4831309a3d10b1a1fbddc283ac3ad46f4f98e891fc6866faa2bff35ac017

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 textura.png
s0.2mdn.net/sadbundle/2738980368435975814/ Frame 482F 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2738980368435975814/textura.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2738980368435975814/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9abfe410f80640f7a82bc7f54d163b6a5746772356848c63cebe518db079dd8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2738980368435975814/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 06:41:50 GMT
x-content-type-options: nosniff
age: 350839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2339
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 14:03:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Aug 2023 06:41:50 GMT

GET
H3 200 lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3602 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:42:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A68 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYyXopQr2YpPQDPC6x_AP-peQ2A4AAAAAOAHgBAI&bg=!m5ilmNzNAAa4hXTbmIU7ACkAdvg8Wrtgzkk4NdHdVeQ55ObuKZNZafLU8y0FCZ80XYX1PEPsBP8hEQIAAAEAUgAAAAFoAQeZAzi3ktEUXiW9RMWiBuTa4UPRVHHkhhr1nucnw9XZV37dA4xDE2ogCegE363_sIWwbOuNiDlkc9v3xA4jGkhsZ1R7PzbtrRBBxiph-NRdV5eaE3LvIfyweZY0Xr_Oa7iyRunhXo6anH8CPGTmRoG8F64DG9M-n-DczIqkkJLt1S7ppf3tfQBUNAwJVQkikLJaYE8TcMh1ZZFUFFwlDJTz5Tiy0L_nxQPqUBCyazjvFm77esCIj9C_nhq51g9PK99FrsjXWRa6QB4TsqmniqfDMxP9iedxnpvdIb3a4fsjU5DalsRuBVXgCs7kmyjXS64SXLUHQOmrh49EXBDAVQK1Jnocg5dkX5fAynw5V5qJQ4F7COWE3KPAxauN3hyJHBM9ZPq-2-gULeA4GbNBOtaGkrkYU7uOhAnVnu5KfG-EOjs7hydN64s-xQ7-CEZi498YxiHIPP7nOLwG6ucYZKXMOw7-g_4jEaVOdPGiEMnxSaTWLw6Z4IutHG4iylzhnBKFl1RtQXmi9ZNnS7SbP7Z7WQS0rpyVytIZ_QuMlQRbD3podDI64kEx13Fpk8orGbijPWOqfnkoJXzEkYVqB--3oa6Hi78D4yfN_douzsBevwSI1efFddfvKuxxCZ9XPNM_h6IMYz5sk1feBoH3y5LhQQzqmwFYId3pdxdmOWmRrxiq5_W00z4OsXdi3D0UNnRTAqGOTBlPXMLB9tQ3e859XbOaiVC23xkwXiwCLJPb2ayyr2oIGw0f2z58bmurNpt4AFN1vD8l5owmqJi7mFZ_JJXqNmkxzL5l3nHP6uHNXkX6A2vNIZuHN5Gxb5cbLPXh998J6HLJ3pmOE4p3SLwKXlD5sOxcqFcKT0N46rdKP2X84yr9yxw3ICCPzL-jBmweqRvj48SR6XSv2ycNZ67fVkaN9Gff2_keBZkM6ZKUa6tpTZc_J-dYKr11Gxst0qbWw4kj8BtJD8ApVpEHW2Af62F750tcf3DUMtbVD2SbG0y4rxzjkfs6tWBRjRrsZic-wXQcsKhlo1bLWiDh7i5qMmstcTfWJJF9UAUmR-5I_64beZUaKoeVPTMeus66AetzBXVhfLf9ukX9EA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8DFA 0
26 B 73ms
72ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurLvyWjAmS_xHdSIHU2ILwUs0XQcJYRNVoOLbPhXOirBmQUMVy4A-jPcozPeS2Z4BopfUSnj2EeFGl7UyeiRtyP4sx-Yl3rLdZ2B5CFVxjRpdTAwFQW2R00QtoN_QHrFY7UAi3i-XsXTvqXCFXeHxLjtpkFHH5Sq3usEDJDwPgokxQsbN2F_l0S7Wjhlgrcoc-GC6WpR_kloSPvBQzQq53iSxXS4jBlJrHlg2oy5Ej92ArgcYOXkT2OdOmoe4GridlrIjc66Vbs7zfGx7MrrSIXHaODG0xFsY_rsYT_wHn7f_qoTS5K-q889E____R9wYXYhL6OsOTY7vmSTxzGbwePHCCxOTce7NQQv02iqsrH_TWHzI2tGZGZEWpJX-uuqrNosCnokzAq1rcZMljUPN4zr6fwXOivvt079FKRv_UUt92w-SrGycx8Ng9PnT1U4ZA8RHgirzr_zxBD9WIPI3-5FP60DwHjKpfvM4Qzppbdmcvxs02ArPSYzAyBL4YewFiC4BlqgvyMko6vXTH9WD40g9w4L7jg_aiX1aB_GnZG-VJGu9-IuJ6jTkSUbJOwG6jPN5TPz_FMVLZlwMRqo0vNcMLlLJQ0zVNRF7ew11w9-tgIQ7-ZdZoxViQGWnFWR8LwHorcVpEHHCBndWzmvUail0odLyRNrR5SZkSwNvGBmOR8puXFtCCqLBFoXDyuiUSdsimX0Tcq8HJZCiZ_Ed7iPTViF_-ZzvzB9uYVW5CGRKe7restPPBu9lA_XApIDkDnm452pXkhAW4NjzhmoiyEzbs2G4l3L4UnYzcNNFdFPulaA5-hUwCiP8eBYAsbr5H1x0rUsoP4ImaqTOFRyJ_Cw7ykvyhoxqyNKLzKP72BorVrHwfvgaB1dMP58U1jBQs88u2HJ5Z8CDzp2WbwZknGt8MvzjxwrbdTbgkFs6-I4LMq_sDgrQ0Bi3ZG_gC9SHqflL2QFDOQwsFU7pAcbEJSB9l8h3HC7n1hxCPOVXZInMRVpslnvbubv7m1EusvRLZYsuhkBID5URnzyKLGqFkVJq0UE_jS8s5Fw0t6PY38IWUtqKL9rV5oZ2elrhsLs9bLQFNoSin02t-oULFsNua4LIlETQF7Xfuq0X5LFrTVgESNC9Fv0gG2fx8vZCuAw-HuH3PddWSmmPdtRO_PDoECANOLsNbhRFMwZa-YANMiSn1Uj5HtTTIk_fRrus3tiFF-PPJKV0gwOQq3WQEUtRgFvWlo5SefgICAZwELzOXUZVU40RkKECd2lKXWm-l7QV7zCQy0xM1ZFS502uIF9miygUTs8_5Wwxt7pjh0Yt_LXG7ke7vtu1Z0hvEdBt4--1htDyxqyz_2oWD0lVMdotZ_-v39_Y1kY03upJnxiI4x9mpi19df7NNy4S0KILJ3Tfr_cGTuxgDfQXh5OjLjM4KfvbPuNhm8E7ngjGuRdqssrstFBhR7PshoKOgXyZ-5Pt8rnzWHlxzgqCa1DsznGcd7tmS246ekkSmUVE0yQS6C5TEUwFSE3EhybqCxS9hm7IaWiV2XSWoCmTjdRWZCX-4aZdKtsjc8DVptWoLD1G_pJImt_kwdZET&sai=AMfl-YQ31kS8WNObHfxaUIfg5ySO9C2_TRo3yFO2QyaKC_uIz3JlMO0t9QFqwvqy27D2oPX5RRFaRZqHA369a_20UEVlS9R6x9DLq-zu4xtWvu7WWZoSjzRquK5DkIq7ELjU6vEhWbMA53W8tt6D_QNCnwtp3oA6ZH4OShtZNKjkzUms9vGFp1fBHk6-Warem_oGA2hY1U5NtiV1MrE66_jI-D09NlFIaJuwbGFxYAwhmUB-o0Mh_K5y3p_EE4CetleHitgSQ3OP-Ntq3iEFC0NPCNszzBBp_tJDWWpFqscn1WoyqT_iPlO9uTLzgiVqdK_aiPyo2_y8HX_fyQkMlTFtdRrh5guKlLqYdhj2twEPCD3_6V3vDkT1&sig=Cg0ArKJSzFXqx2NNKxPJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=370&vt=11&dtpt=255&dett=3&cstd=113&cisv=r20220810.50883&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 08:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK ingest.php
events.newsroom.bi/ 2 B
844 B 13ms
12ms Ping
application/json 188.40.92.96
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy01.cl03.k8s.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryDYN96knFfCxeULNU

Response headers

date: Fri, 12 Aug 2022 08:09:09 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&domain=diariodonordeste.verdesmares.com.br&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=84uQ6HxDclk4cFZYQS96bm13ODNLdXlveUViZmFYblFUQmZSYm0xMmFwZGNzcDR6djQxS1VuRU9RMFlFdmp6ZkFjdEtuakNRTnYrWjBPa1BjbWxMaCthdEQ2RkVqaVlLeW5BL1ZiVU14aVdtYVFZS3NkTFp3dVZkTFZGel...

451 B
693 B

18ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=84uQ6HxDclk4cFZYQS96bm13ODNLdXlveUViZmFYblFUQmZSYm0xMmFwZGNzcDR6djQxS1VuRU9RMFlFdmp6ZkFjdEtuakNRTnYrWjBPa1BjbWxMaCthdEQ2RkVqaVlLeW5BL1ZiVU14aVdtYVFZS3NkTFp3dVZkTFZGelRkNC9TUG1KMlRQaFc1cG1rSUhnR1hSWFlndWM0dkdpemRjOUhUemFVa0dyNjdmRHk2R01YNWFQYUdJZTZRQVBRUW0zVlphR0NmWHE1Z3RNYjFQeXg5UjVFY0xWWU03VGUyUFFwQUloNGo2c25aNFQvMWkxdkNiMFhuTXF6SmtUUlFyWlpzejBrQlFKSkp5UnZONUdUTk5xN1lGZk1xN1d6dlRkMlZQcWxURWR3ekcvUmdacTJnT1JDeHd2Q29kaHVDUVFmUEFKQ3w&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d12b2953973f2c79b0087fcbeb18f1f093faaeda46422b50bd180bd7666d02ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3629
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:09 GMT
location: https://mug.criteo.com/sid?cpp=84uQ6HxDclk4cFZYQS96bm13ODNLdXlveUViZmFYblFUQmZSYm0xMmFwZGNzcDR6djQxS1VuRU9RMFlFdmp6ZkFjdEtuakNRTnYrWjBPa1BjbWxMaCthdEQ2RkVqaVlLeW5BL1ZiVU14aVdtYVFZS3NkTFp3dVZkTFZGelRkNC9TUG1KMlRQaFc1cG1rSUhnR1hSWFlndWM0dkdpemRjOUhUemFVa0dyNjdmRHk2R01YNWFQYUdJZTZRQVBRUW0zVlphR0NmWHE1Z3RNYjFQeXg5UjVFY0xWWU03VGUyUFFwQUloNGo2c25aNFQvMWkxdkNiMFhuTXF6SmtUUlFyWlpzejBrQlFKSkp5UnZONUdUTk5xN1lGZk1xN1d6dlRkMlZQcWxURWR3ekcvUmdacTJnT1JDeHd2Q29kaHVDUVFmUEFKQ3w&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1942
content-length: 594
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 45ms
16ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&domain=diariodonordeste.verdesmares.com.br&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://diariodonordeste.verdesmares.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 12 Aug 2022 08:09:09 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1306
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6F0D 281 B
573 B 89ms
18ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Aug 2022 08:09:10 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 4CE4 0
0 10ms
8ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1660291746830

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FE81 52 KB
17 KB 57ms
10ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 12461
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 12 Aug 2022 08:09:10 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 218105, 198551
X-Served-By: cache-lga21969-LGA, cache-hhn4033-HHN
X-Timer: S1660291750.016504,VS0,VE0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame E793 37 B
140 B 42ms
10ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20220503
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 12 Aug 2022 08:09:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3602 0
20 B 75ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BukcspQr2YvXxGovf-gaB5JmACgAAAAA4AeAEAg&bg=!x8SlxIDNAAa4hXTbmIU7ACkAdvg8WvsKoD8QlmMqfcImo9OX8Pl1hJQJ6MSZz_bkJ42Nr80uY7Jf5wIAAABXUgAAAAJoAQeZAzNLazgLT-KJUlq5G7u3Rz1_v_PcdxY4tcA-uGANCSnTyCdaRt-iDDb387H81WqpdGNhLYfmtixZ8JdcmCdvPeFfwwX_kZr78-Mta07RoW9XFJl_KdmwdomH1xjUACoKuSsLCNneayVTrDVNhb0gPQW5ZTAu9XintVxGnL1iJloZxJUSYP9qjM21EA9Dv5IMz0LsWqqaPTkSdQ-Z9eo4a5nBkcMX7XaOqzcR_qCJEZd0Q2DS_pTnZ550JY_Iq7vac3TH2K6P9DVRDTFNF-iORGPryb-02LNM6ONKQftdX93N4de2H5FuheTdCah_A5SogjT85PUr813ry_yz_Ms5zrAfdes-apnM6uvp87uqA0gQMv9CJCqUxTpxJGTMDMlaZhB0j4-N9zdKTBiZq3IlgT_LEul2hvx2C5nJx-pym8aNa4lUoMItmA_5ghWPpDPCQ0Op1ZOrZQG0TBl1Zw5WHSrt5oCaevzptq3kiPWHE18sKdjUwvYUSquBithZasuhGeKG4spnHvF1iHv_eXhCVu26kRkZO7RtvWeZ1Z6AT8OReD9p_8EjuJovcQQ8UCwznpHWwrpp9yF_aNtXnHZWLYMit72RDmEUNefS8xbXL6gBc1kMb090DMqzsRDbnotXAyMJkTH4Sh474Qu2n0DKvIXooxZDXz7tKVX2l_PtFApbDfZfLqDJ5_YqyBR9N2OffbwIu69CndKqnLyD2rAca5ue-BMr3loQmpAChSXqYdpRx1DSKAOx8ZGyqLDldrhCCnUV7TIqU8hELHGY8LZc0dOwO5N4NT01vXm2tMrQOv8oUzF1N9DixcxaOj6z8l7VvXfNXmihGpFEQg_4EN1P9ken0x9VUmlEi7HZP-xYcmy8fsZSzWrmxWp7FCW17LxwIh6Jtz5EGRJ0SAX6ExoV0NWoFzXZJ3-JP9f8XyywHfVR152opVTcROq5e9g68GSrVtVwkZkh_T9DMT8jZXp_g8FFXxOEga_36TIUOGtVt0vH_QvmWKgz_8mY7dQ7HpwE2B6RY5zZUe2PyWJhEh5HNf9AeRP_Jt_zQ7MvZQ1gxTvtEEzVSWYwKqC3tuub98mvYmp-jsY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 48ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 12 Aug 2022 08:09:09 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1145
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FE81 0
747 B 15ms
15ms Script
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:10 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f1cbb1bf-5f95-4425-872a-39e95303ec53
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6F0D 31 KB
10 KB 94ms
94ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f66ef8ba5baa63aa1dc366f1fc895a3cd1d32169cc6f7969ceae5a6e30a2e591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 08:09:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20354
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9451
Expires: Fri, 12 Aug 2022 13:48:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F0D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMxZDY1MzUzNzBjNjEyZmM2YjE1YjM0MWMzMzlkZTMwMjYyZDg1Nw

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMxZDY1MzUzNzBjNjEyZmM2YjE1YjM0MWMzMzlkZTMwMjYyZDg1Nw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGMxZDY1MzUzNzBjNjEyZmM2YjE1YjM0MWMzMzlkZTMwMjYyZDg1Nw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6F0D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DSnWnFKATK-WMdRw4zvwIw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DSnWnFKATK-WMdRw4zvwIw

43 B
556 B

32ms
32ms

Image
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DSnWnFKATK-WMdRw4zvwIw

Protocol

HTTP/1.1

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0CXXS1F0Q7FH03Z9X6P4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DSnWnFKATK-WMdRw4zvwIw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F0D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRNlU2VFotOS00UFZH

170 B
188 B

41ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRNlU2VFotOS00UFZH

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRNlU2VFotOS00UFZH
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 6F0D
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q6U6TZ-9-4PVG&sigv=1&esig=2~41baeb1977ecd3b74368e83b2cbda7a3215cfcb0

0
194 B

249ms
32ms

Image
text/plain

2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q6U6TZ-9-4PVG&sigv=1&esig=2~41baeb1977ecd3b74368e83b2cbda7a3215cfcb0

Protocol

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:10 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6Q6U6TZ-9-4PVG&sigv=1&esig=2~41baeb1977ecd3b74368e83b2cbda7a3215cfcb0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 6F0D 70 B
265 B 123ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6F0D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/uqrLX3up9qnisjxJQylzOw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8657579647801396891

0
239 B

9ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8657579647801396891
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Fri, 12 Aug 2022 08:09:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8657579647801396891
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 6F0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8H_fETdGPlJYA_8ErR6KA&google_cver=1

0
239 B

45ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8H_fETdGPlJYA_8ErR6KA&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8H_fETdGPlJYA_8ErR6KA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 6F0D 0
98 B 145ms
39ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9987 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstm3mgVg-0e14KRrjmuh00GLPzGgP-K6FZfNgOVVZ1JvQcknVs9pHjAazZ4lMAXkGhyLa-TZsX6VuFk_NA54hYFICQrYt1ipGXIafKkMQ8dc13dN8av&sig=Cg0ArKJSzEty3ROUYbShEAE&id=lidar2&mcvt=1000&p=290,250,400,1350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3090499511&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660291749685&rpt=139&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FE81 0
747 B 14ms
14ms Script
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:11 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 29a51240-2049-45d6-8d1c-ec1487fca324
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 500 B
471 B 140ms
139ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff11516a09ae9f42b88cfec0c3479e2e4166447c36cf0d9d0d1c7872e3d8ec70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 16 May 2022 19:15:57 GMT
server: cloudflare
etag: W/"6282a2ed-1f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 7397ba378acc5c62-FRA
content-type: application/javascript
expires: Fri, 12 Aug 2022 09:09:11 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 127ms
18ms Script
text/javascript 184.51.9.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.9.184 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: irOlEHoFUsDZEf3_amcRiMP6y8y2THaL
content-encoding: br
last-modified: Tue, 14 Jun 2022 12:22:21 GMT
x-amz-request-id: X2QZGW5AJHQA1RH6
etag: "f92f25ba5af332861dc8cea3da5eb278"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Fri, 12 Aug 2022 08:09:11 GMT
accept-ranges: bytes
content-length: 4779
x-amz-id-2: t0kF6G7TmST2Uh5wZhEy99PLHCYU2FYyzuJK2U765GtdmtgBjUTkNwrJN6OGUS0U8DUpKrAIkTg=

GET
H2 200 fpc Show response
at.teads.tv/ 0
197 B 82ms
35ms XHR
text/plain 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&sv=5b1da8a&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:11 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Fri, 12 Aug 2022 08:09:11 GMT

GET
H2 200 interface
s8t.teads.tv/logs/publishers/ 0
0 69ms
36ms Image
text/plain 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/publishers/interface?sharedIdsCount%7CPUB_13576%7C0%7C%5B%5D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 usr Show response
usr.navdmp.com/ 1 KB
774 B 140ms
140ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=46575&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1693539d11a9ba847bcb747936d50e023fe615deb69b314d731e06574a634a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Aug 2022 08:09:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7397ba386bfd5c62-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Fri, 12 Aug 2022 09:09:11 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
81 B 133ms
132ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=113571252efc0873d4f7071b4f10%7C0&acc=46575&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7397ba394d1b5c62-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H3

200

sync Show response
ad.sxp.smartclip.net/
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=red&dsp=75
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1

42 B
59 B

57ms
24ms

Script
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:12 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 12 Aug 2022 08:09:11 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=YvYKqAAF1TbtJgAK
https://sync.navdmp.com/sync?prtid=17&tubid=YvYKqAAF1TbtJgAK&_test=YvYKqAAF1TbtJgAK

6 B
58 B

137ms
136ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=17&tubid=YvYKqAAF1TbtJgAK&_test=YvYKqAAF1TbtJgAK
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7397ba3a6e845c62-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660291752.060186,VS0,VE0
x-served-by: cache-hhn4064-HHN
x-cache: HIT
location: https://sync.navdmp.com/sync?prtid=17&tubid=YvYKqAAF1TbtJgAK&_test=YvYKqAAF1TbtJgAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK navegg.php Show response
gu.dyntrk.com/dp/ 0
394 B 107ms
20ms Script
text/html 162.19.80.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gu.dyntrk.com/dp/navegg.php?pid=nav3gg&uid=73911051566
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.80.92 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3011863.ip-162-19-80.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:11 GMT
content-encoding: gzip
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=73911051566?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=15478/tp=NVEG/tpid=73911051566?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
https://sync.navdmp.com/sync?prtid=38&lotid=

6 B
58 B

245ms
245ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=38&lotid=
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7397ba3a1e2a5c62-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:11 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.navdmp.com/sync?prtid=38&lotid=
expires: 0
cache-control: no-cache
x-server: 10.45.20.110
content-length: 0
x-consent: absent

GET
H2 200 31435 Show response
tags.bluekai.com/site/ 62 B
227 B 270ms
157ms Script
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/31435?id=73911051566&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2 200 cm Show response
trc.taboola.com/sg/navegg/1/ 43 B
305 B 29ms
15ms Script
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sg/navegg/1/cm
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 12 Aug 2022 08:09:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660291752.901241,VS0,VE9
x-served-by: cache-hhn4053-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
336 B 116ms
29ms Script
text/plain 52.214.253.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=113571252eb56485b24fdd161710
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.253.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-253-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=42 t=1660291751
x-served-by: beacon-n009-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=822&dpuuid=73911051566&redir=https%3A//sync.navdmp.com/sync%3Fid%3D73911051566%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=73911051566&redir=https%3A//sync.navdmp.com/sync%3Fid%3D73911051566%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://sync.navdmp.com/sync?id=73911051566&adID=70288633611647255070108661037370863400&img=1

43 B
96 B

137ms
137ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?id=73911051566&adID=70288633611647255070108661037370863400&img=1
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:12 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 7397ba3abedc5c62-FRA
content-length: 43

Redirect headers

DCS: dcs-prod-irl1-1-v038-07455e011.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MKsX5JUBQe4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.navdmp.com/sync?id=73911051566&adID=70288633611647255070108661037370863400&img=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
https://sync.navdmp.com/sync?appNx=1620854976148371468&img=1

43 B
96 B

135ms
135ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?appNx=1620854976148371468&img=1
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 08:09:12 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 7397ba399d825c62-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 08:09:11 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8116a61c-4217-49fc-b7ad-9a60dcd2e6bd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.navdmp.com/sync?appNx=1620854976148371468&img=1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 32ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

0
316 B

17ms
16ms

Image
text/plain

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 08:09:11 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 12 Aug 2022 08:09:11 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
diariodonordeste.verdesmares.com.br/	1970-01-20 05:54:43	Name: p_metered_access Value: MTY2MDI5MTcxMHwxNSwxNXxBTk9OWU1PVVN8
.verdesmares.com.br/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1660291746%2C%22currentVisitStarted%22%3A1660291746%2C%22sessionId%22%3A%22f4cd9199-f0d3-4576-bafe-836ea64fd682%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//diariodonordeste.verdesmares.com.br/%22%2C%22referrer%22%3A%22%22%7D
.verdesmares.com.br/	1970-01-20 09:36:29	Name: ___nrbi Value: %7B%22firstVisit%22%3A1660291746%2C%22userId%22%3A%22ef50ffff-c479-43d3-ae33-162d0c510384%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1660291746%2C%22timesVisited%22%3A1%7D
.verdesmares.com.br/	1970-01-20 09:36:29	Name: compass_uid Value: ef50ffff-c479-43d3-ae33-162d0c510384
.verdesmares.com.br/	1970-01-20 05:12:58	Name: _gid Value: GA1.3.1851300034.1660291747
.verdesmares.com.br/	1970-01-20 05:11:31	Name: _gat_UA-41498495-1 Value: 1
events.newsroom.bi/	1970-01-20 09:30:43	Name: 391_u Value: ef50ffff-c479-43d3-ae33-162d0c510384
events.newsroom.bi/	1969-12-31 23:59:59	Name: 391_s Value: f4cd9199-f0d3-4576-bafe-836ea64fd682
events.newsroom.bi/	1970-01-20 05:54:43	Name: 391_lv Value: null
diariodonordeste.verdesmares.com.br/	1970-01-20 13:57:07	Name: tmpPersistentuserId Value: 5d08c0de74d1899a6d87a664befba099
diariodonordeste.verdesmares.com.br/	1970-01-20 05:54:43	Name: _pbjs_userid_consent_data Value: 3524755945110770
.navdmp.com/	1970-01-20 13:57:28	Name: ac3 Value: 1
.verdesmares.com.br/	1970-01-20 05:11:31	Name: _gat_gtag_UA_210532949_3 Value: 1
diariodonordeste.verdesmares.com.br/	1970-01-20 05:11:33	Name: _tb_sess_r Value:
.verdesmares.com.br/	1970-01-20 14:47:31	Name: _ga_3DESQCJNQ5 Value: GS1.1.1660291746.1.0.1660291746.0
.verdesmares.com.br/	1970-01-20 14:47:31	Name: _ga Value: GA1.1.1788308407.1660291747
.rubiconproject.com/	1970-01-20 13:57:07	Name: khaos Value: L6Q6U6TZ-9-4PVG
.rubiconproject.com/	1970-01-20 13:57:07	Name: audit Value: 1\|naVuGyos1qrmy3laxl+D1j5APvdogVCbaTd6KyMQnavCRi4Lg8bJK8P11TSlF1dXn58f+t/6n1w4Z+C8zxJPBjCDWPsub1hkMbCAS1ybZdWfA8diPTB6jUMegDC1i1R7G7JtXJVTTK0=
.adnxs.com/	1970-01-20 07:21:07	Name: icu Value: ChgIrthMEAoYASABKAEwopXYlwY4AUABSAEQopXYlwYYAA..
.adnxs.com/	1970-01-20 07:21:07	Name: uuid2 Value: 1620854976148371468
.verdesmares.com.br/	1970-01-20 13:57:07	Name: nvg82438 Value: 113571252e7eb10d9cbd653b9c10\|0_225
.doubleclick.net/	1970-01-20 14:33:07	Name: IDE Value: AHWqTUndDA0CaL4S_WH1pVr-TCAXUGyCeVS-kMaNmUs-EvWw6m452k-oZpATW49oei8
.mathtag.com/	1970-01-20 14:37:26	Name: uuid Value: 6a8762f6-0aa3-4a00-902b-439c278e6ebf
.adnxs.com/	1970-01-20 07:21:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>=jZ@e_!]tbPl1M>e)ZlrFUfJ+tGXxoH<`AHRhYJRFQS^QVs(=EPuPzZNac=I5q@tU3If)y3KL9D3I?w22=wD
.casalemedia.com/	1970-01-20 07:21:07	Name: CMPS Value: 1160
.casalemedia.com/	1970-01-20 13:57:07	Name: CMID Value: YvYKowtKN8EMV9TCi5zQ4QAA
.casalemedia.com/	1970-01-20 07:21:07	Name: CMTS Value: 1171
.casalemedia.com/	1970-01-20 07:21:07	Name: CMPRO Value: 5121
.doubleclick.net/	1970-01-20 05:11:35	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 14:33:07	Name: uid Value: c24bd7a4-f161-48de-9148-593f92210ddc
.yahoo.com/	1970-01-20 13:57:29	Name: A3 Value: d=AQABBKUK9mICEMHeHCuoPGB92BOGYbfVLBAFEgEBAQFc92L_YgAAAAAA_eMAAA&S=AQAAAiqe4NGi1vAzuRCnJ0r8fWw
.analytics.yahoo.com/	1970-01-20 13:57:07	Name: IDSYNC Value: 18yl~26jk
.doubleclick.net/	1970-01-20 05:11:32	Name: test_cookie Value: CheckForPermission
.verdesmares.com.br/	1970-01-20 14:33:07	Name: __gads Value: ID=eab18d78b475b405:T=1660291746:S=ALNI_MblikDlLZQWHKTODjgTHvWhhgFK-g
.spotxchange.com/	1970-01-20 05:51:50	Name: audience Value: 0b2dc656-1a16-11ed-b95a-10d4c6b20506
.verdesmares.com.br/	1970-01-20 14:33:07	Name: cto_bundle Value: s2Bg6F9FWU9ibnprbHM5SjZQZ0xEa1BjU3oxTE9ad2ZvcHZTWkM1M3VmZ05EcnFrSFJhV1RJJTJGS3ozczViNUtnWUduMDJSTnA1a2N0OVpMUGJYRE1IMjZaNjJDSjdyQ3hYWFFxR2dKelkzZ0tUdHl4UyUyRnJXeHpFeXFLJTJCUXhIaGVuWExURG9zblhJZkpVM3VnekFaRnNDUXVpQ0VzQ2YzdWNQYXNBc0Fzd3Q1dnRpdXMlM0Q
.verdesmares.com.br/	1970-01-20 14:33:07	Name: cto_bidid Value: ieh-QF8zekVpVG9DbVozMGd6YzZiQzVTRmNNN3BVVDZlbVl3NkFvZkF1NmpNZ2xHRmdQNlNvSyUyRlpjR3JNOVdKZUZBRGhVR0dlNWJwSU45Q1ZZUFAzY2haS0d5T20yeENWNE1Pdk5nVUhnOGpLbkJna2NjZUJIZFZaQ3Q4b2VRckU3RHdz
.amazon-adsystem.com/	1970-01-20 10:45:36	Name: ad-id Value: A63VZQ1bf0NRj4afclK9__I
.amazon-adsystem.com/	1970-01-20 14:47:31	Name: ad-privacy Value: 0
.navdmp.com/	1970-01-20 14:47:31	Name: nid Value: 113571252ec0ea5fd414cfae7a10\|2\|252
.verdesmares.com.br/	1970-01-20 13:57:07	Name: nvg46575 Value: 113571252efc0873d4f7071b4f10\|2_225
.sxp.smartclip.net/	1970-01-20 05:54:43	Name: uuid Value: da4aebd0-a70a-f662-6c9b-54e91be1aefe
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.krxd.net/	1970-01-20 09:30:43	Name: _kuid_ Value: PA2diFOt
.sxp.smartclip.net/	1970-01-20 05:54:43	Name: psyn Value: 19216.75
.smartadserver.com/	1970-01-20 13:57:07	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 13:57:07	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/	1970-01-20 13:57:07	Name: pid Value: 5944355224733362647
.everesttech.net/	1970-01-20 13:57:07	Name: everest_g_v2 Value: g_surferid~YvYKqAAF1TbtJgAK
.demdex.net/	1970-01-20 09:30:43	Name: demdex Value: 70288633611647255070108661037370863400
.dpm.demdex.net/	1970-01-20 09:30:43	Name: dpm Value: 70288633611647255070108661037370863400

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: Refused to execute script from 'https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1' because its MIME type ('image/gif') is not executable.
security	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: Refused to execute script from 'https://tags.bluekai.com/site/31435?id=73911051566&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

90143f26ad3c4c61e7b662ce8d6df2b6.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.sxp.smartclip.net
ads.yahoo.com
adservice.google.com
adservice.google.de
at.teads.tv
beacon.krxd.net
bidder.criteo.com
c2.taboola.com
cdn.ampproject.org
cdn.navdmp.com
cdn.onesignal.com
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
diariodonordeste.verdesmares.com.br
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
match.adsrvr.org
mug.criteo.com
nr-events.taboola.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
region1.google-analytics.com
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
script.4dex.io
sdk.mrf.io
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.navdmp.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.teads.tv
sync2.navdmp.com
tag.navdmp.com
tags.bluekai.com
tags.premiumads.com.br
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
widget.perfectmarket.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.111.242.245
104.18.18.126
104.96.145.246
13.225.78.39
13.248.245.213
141.226.228.48
142.250.185.66
142.250.186.34
142.250.186.66
151.101.1.44
151.101.193.44
151.101.194.49
151.101.2.207
151.101.65.108
151.101.66.207
162.19.80.92
178.250.0.157
178.250.0.165
178.32.210.226
18.156.0.31
184.51.9.184
185.83.142.19
185.86.139.89
185.89.210.101
185.94.180.126
188.40.92.96
2.18.233.201
200.233.65.3
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
212.82.100.182
2602:803:c003:200::41
2606:4700:20::ac43:4a15
2606:4700:20::ac43:4bf1
2606:4700::6810:7eaf
2606:4700::6810:df3
2606:4700::6812:e134
2a00:1288:f03d:1fa::2000
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9a
2a02:2638:1::13
2a02:2638::3
2a05:d018:d29:3602:ab6e:8189:a819:79f3
35.157.139.2
35.186.194.101
35.244.159.8
35.244.174.68
51.89.9.254
52.214.253.121
52.223.40.198
52.30.61.76
52.95.118.179
54.155.185.156
54.216.133.37
69.173.144.138
69.173.144.139
69.192.160.219
04124d4f15639f45c9c0f0216ff01e60f4d445fa5f5f2d57e97891607ada95aa
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128d2cf69ce3669c10edf58d4e8049b363f7f857e9a0608769ab83e0d5ea33bc
1693539d11a9ba847bcb747936d50e023fe615deb69b314d731e06574a634a45
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c123c7fd4a10cf634f57f792038475e28a401ed8ae381f3b069751e5f9a66ad
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1e7867ad011d453dd312c270c23679a26cc2b67e8bb03cde4aaaca3a5147c8ca
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
24ad03ebddce6b812548e2c78dae4f8d22e9bc183a04fb50398afa8145979181
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2b7b2f3ed3255ecf4db69618e88afd3932cf30224a3b76ffe84ddc48aaa248f6
2d27ed1714f8102754977b74fd3818903401767761b36f92fb609493d9067b8b
30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3470ec5a8c42a5266093ffc43138e26da1e0c7990e6316f76e9a18a650ef3d7c
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38fc116785ae25f52631e992255d5c67cc26dc621e998e6301b9b66ad48435e2
3cfb455baf00bacacecf51d80ea824692d27da62da57f505f23155d14e0b14a3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44785beca13e118ddd542af15e05c9464aad937564cc8bb57d666580376dec29
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4829ca9e6ed3a3620fe05f1cc9ac86c6bba79da2f2a67e98b81dae9fd05fd806
491ecd3d6d86ddabc55e5c8c46f07fe755eea98d1c8a9894f15d8b6a334a7c41
49c0f5d354d182c56b1a3846a635ace028296343ca6bd96f951cd22e03568f0f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d255f52b0f0150d6226c2c1bfe2ae7ac071e9061d68d1261453cffaf019092a
4dc1ff3b77f0146e967c433c5fe7e039f607af8c487a92015389629331c1d775
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3f2a2924f1eecf8aa3c2c031852a70f212fd292f89abc215bc95b20666e120
4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3
4ed8f3e0efab9abde3c9365e1f252ba74896afebb879371741f560e22e6213ae
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e2046d98598eb3d15933fe759244180923a6a97926ba2a4ae0497c3eaf1af5
52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53cb63726a0b21ca199891a569d46bf700bee8f9afd9c377570dfcf5c0e2cdb6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e323edecc3157c56a091ffd030cdb0f22c1368153e7df2251057ff3df8dd0a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57b5f5c21273cdb4ae16327da934be16812fd25dcad92479a2bb6ef8192fad65
5b65b30e58ae9d413022d1f325fdc715a0465e4ca0324a2af87d905509443f6d
5b8bfdb6da76b03adc36b19b73f80ed6cb75b5bd2aa195d474872406b094c642
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
5d7587e75fab6d40b212f9d602bf1b001dcad3788811a0cbc6f09cf2a26524c1
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5f81bed0f608ec58cf80ba7d5528a2f17b8b173c2d61e6df36359c3d91fac9c5
601d40b5ff3c27a70aed33f2c20f46451f980bc04ddfd209539b0e3b29452e2c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6938ec6db58e17a81c5992714b49e3d4a888c81a25432bbd912b2ea22a077423
69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7398895002d2d2a90234021a72a06b112c9acbea07d4099f54535b885c63fa
6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d
6f4a1cc4f6001a56abf19b14b64ff38ab892624fdcf6c1a52ad167db57a5ca4b
70d64ce7e0ad03d6fda09a43e76fb19ef0f03a340d1062eb529cf7318e0c7429
71eac38c27969aaadb1f6902412c06de83f41dd0462ef04474e28dd19222c037
7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74579a8b4fe27aa309796dcc0cfb3a592762a369cfa3c807ab7b6e7e60f1f891
7498b1b532c68224ba510b2edf4dc127fc8ea29d6610b004673702fceede760c
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
75d5bb9744232281a18bb0311dff08777686aa9d156c53aed2ea96458a6e9406
774fe4ba17c222ddd33247e960189a174983d356c7be78631c3fe32e41bc014c
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
7a9c491b50bba720218e34460861af80230634424a8492598b0561802d73b3c0
7b3e1381a618c7a746ec787409d36256763a1a9e57489daea865e7726ff506cc
7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97
7dd0ffb941fd486407c07c046255bfc1f52322061b14b9683bc4c5833dfc64dc
7de977da6ca5d7db408ef71063abad98c09cc21605e7aecc35d6d0bab95ff663
84a8dafb15c24fb406c0967630ab75dcec3bdde1166ef7046cbe58c7de746fcd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859703f2554aa6eb084f4f924f5b0c39152056add110aeca4a748c00cc02f81b
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
887456f26281fc6082fff8d88811b35e978901519b34ed1e9b99b902b4c991b5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d0d4831309a3d10b1a1fbddc283ac3ad46f4f98e891fc6866faa2bff35ac017
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
904d8ea3f910f23afed505007751494875a041e9be8d675d1c0c79a705516fd6
9088a599570dfe2d36b2a193d576c3605b22d059556e3e17be70866580c7ea01
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
95cfc3316442f9adb3a53fc333d1308963143925f374f3de13fb1fb0732fe424
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
976dd7148b0dca6d24169ab74339aedd9daff66a689de300a50353fbdd2da472
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47
9abfe410f80640f7a82bc7f54d163b6a5746772356848c63cebe518db079dd8f
9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8
a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
a2a693f58d63720fa4ba8357fd2b16ec3558f84877f65b7dd7a7613d1e994488
a396903db5c24684126ac9663f836968a23b57b16fc1945079ca6f640dcf82ba
a39e1e8127789e4fe37b6ec148d1018014664a2c5b33db875a40cff9740ce92f
a3e3d9d33cdfeffc09aad51cddd433962313b608e2131cc1c11fd783d2f89d13
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a572a02ec8455db2071db3f529ebb9ef017d26bb3db70cd1ff4301f62c0192c7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a813062a7f0437a92984ea3a39feec5b7f070309be4765804739bb6917ecc6db
a8218c315218c15e52dc7c4a716ff5c76f8924801532c04e024ffa4041ed1bfd
a9f542c0d98b1deb323f1f9963046534e7a98b6f9fbaca32cdb8d49f377c1151
abdd245f4f0cfd9ab65c5e2e86b13c2fcc65b4c1482ec1f7b2f6ba51307db19d
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
afd30171b1d63a739683b8dfe63e157c7f2fbd5dd2c24834c648055a0c8ddf9c
b066ae0594f8106ab6a4577d3342242714381756fdc3e51d661f5669924a595b
b11d5ec13e533456af439018e0c1c5e4ba8a7d369bed2e50cad5ef0bf3b7c87d
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b228215c0109522ab2362e8e8d7ccd042ddac4a5bd5754790e70ae27776ce63b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b467d9832fdd739e6dfad12ef81a50f30f650d90557ae171c43bf5f664cde1ac
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d
b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
bcf719cd6c1893ef28246de19a56d2e900e3d3d64db739f2e8710fd0a002ce51
bd61bd4258777781efc945039945b34af7e2a16e8977de1b371ed2d99ff1fd07
bd80b28a2d575ef9fe53f5725d2d0e12118f8658ef9da0f0b3f9bd3438203970
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d14a5f715ad5fbd86c1ed9edba548ba70b130cd31cf526d879597e318dc5e4
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c3915b8861ba361f4777def6f57e088a8c152228acbcd545d22daa5c95906006
c4adc9d0c1a29b72e0aab4f59758387f6967c02f5e9d1e0f936eab75441612c0
c5e5710156c081fbd83804f28d6d3e89bab8ff259c4ef33b45808132432bf36f
c810d321570390864adceb44a0fd6af3cfc844c569d49e97618374bb6989a77f
c916da4c1033c62a9517e264f5182cd435d8a090b16e739f5b96463c49755b2b
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cbda2c20b24dd92cbabf67d4eec4724a5feaa4096794ba608a7b070cfc71ac5a
cc013f3025c4fc822c5b66d7d50e498e087f24ba2032bcb7344932acae5b3138
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
ccdf9f68a966e1446a1b1e0836c76cff2323fc37127acc5011a66619f4724b0c
cf33dddf9296531e76af0c414d35f396d3d0aa675d010ad93e4d397bfdb51511
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12b2953973f2c79b0087fcbeb18f1f093faaeda46422b50bd180bd7666d02ad
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2ef3ed8f87316e8a92e315422bf8df5882356f37eb7caf02827106ca3de5f52
d3793e82ea04ecd875fafc3a72edc4f665550e0f1be35ae65fec607b5c7ae556
d73564f54dbbac7a8666c38fba318891b275fa2416263715bd3ec0bb34a5e7f5
d7534b85b050963115a9f1ae415c2ca510316892cee81d03c5440e0eb3f9b6c4
d81e76c9f6d7297de6b0b72c52c20e0fd49fe06330a9f5b9aa33f4fa3590ce6e
d9160a42691d415e5662e50315d7b63037d04cc4b00918eda40b82e1ccec31b2
d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
dec6fc4f026d7f78fe78852981a5552ac5fe13e7165631b3c61901cc5719fc45
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e49905baad9b8088eeb92ffaf80b8b6a97e31a117391689fd47b09f3a682abf1
e4a0fd533dfeac20f84303dd7a53225f8290e53d2907f96c4d696af2f032f0c7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58a12a18c5dc28037f867c2f97580b77507da05d33d84c9f88217a3c627b93f
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e795eb948324543bd2ab45b10486927d0d8c0d0369094ed74dabafbc12701bde
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea9bf0e241a3ee16a940379ebf96c01051d6bec20d23e62a4ce3551287825e9c
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
ecaecc9b0e99b911c0f1b2d0040f1f6179f9edffe75729164de4df60620e981b
edf36f1ce73a51eadddad7abbd167942024c53ba1329b50093652a67611ffc77
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5
f112a3f134c1958ba797d0aecc4eee099aab2157d228856c56c3d3338c1bc414
f1538fb1d271d15c842a46eff6e08f8fa83679543260bc36670a33da3170fe21
f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35
f5d7b46894c7a7c8346953e909792a23a26f2f0955245e9b86e66c78c5978f27
f66ef8ba5baa63aa1dc366f1fc895a3cd1d32169cc6f7969ceae5a6e30a2e591
f6847fbbc6cc07598ebcbe60001e111822d702bf32057628307cc6a38a071561
f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05
ff11516a09ae9f42b88cfec0c3479e2e4166447c36cf0d9d0d1c7872e3d8ec70

diariodonordeste.verdesmares.com.br Open in urlscan Pro 200.233.65.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

291 Requests

91 %HTTPS

39 %IPv6

47 Domains

81 Subdomains

64 IPs

10 Countries

4805 kBTransfer

10800 kBSize

51 Cookies

13 Outgoing links

Page URL History

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

diariodonordeste.verdesmares.com.br Open in urlscan Pro
200.233.65.3 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

91 %
HTTPS

39 %
IPv6

47
Domains

81
Subdomains

64
IPs

10
Countries

4805 kB
Transfer

10800 kB
Size

51
Cookies

291 HTTP transactions
7 data transactions