www.midianewstop.com.br Open in urlscan Pro
142.250.185.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.midianewstop.com.br/
Effective URL:
https://www.midianewstop.com.br/
Submission: On March 09 via manual (March 9th 2023, 4:07:39 pm UTC) from PL — Scanned from PL

Summary HTTP 176 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 40 domains to perform 176 HTTP transactions. The main IP is 142.250.185.243, located in United States and belongs to GOOGLE, US. The main domain is www.midianewstop.com.br.
TLS certificate: Issued by GTS CA 1D4 on February 14th 2023. Valid for: 3 months.

This is the only time www.midianewstop.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	142.250.185.243 142.250.185.243	15169 (GOOGLE) (GOOGLE)
1	142.250.180.200 142.250.180.200	15169 (GOOGLE) (GOOGLE)
14	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.208.129 142.251.208.129	15169 (GOOGLE) (GOOGLE)
1 1	177.55.120.3 177.55.120.3	53057 (RedeHost ...) (RedeHost Internet Ltda.)
1 5	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
30	142.250.180.193 142.250.180.193	15169 (GOOGLE) (GOOGLE)
4	156.146.33.27 156.146.33.27	60068 (CDN77 ^_^) (CDN77 ^_^)
2	142.250.201.202 142.250.201.202	15169 (GOOGLE) (GOOGLE)
7	142.251.39.41 142.251.39.41	15169 (GOOGLE) (GOOGLE)
2	172.217.20.14 172.217.20.14	15169 (GOOGLE) (GOOGLE)
4	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
11	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
4	142.251.39.74 142.251.39.74	15169 (GOOGLE) (GOOGLE)
1 19	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
7	142.250.180.195 142.250.180.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	142.251.39.14 142.251.39.14	15169 (GOOGLE) (GOOGLE)
1	142.251.39.46 142.251.39.46	15169 (GOOGLE) (GOOGLE)
1	172.217.19.110 172.217.19.110	15169 (GOOGLE) (GOOGLE)
1 1	45.152.44.151 45.152.44.151	47583 (AS-HOSTINGER) (AS-HOSTINGER)
8	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
2 4	104.22.74.171 104.22.74.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2.16.186.26 2.16.186.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	104.22.25.87 104.22.25.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	91.228.74.251 91.228.74.251	16509 (AMAZON-02) (AMAZON-02)
1	52.209.105.145 52.209.105.145	16509 (AMAZON-02) (AMAZON-02)
1	108.156.13.118 108.156.13.118	16509 (AMAZON-02) (AMAZON-02)
5	13.32.110.121 13.32.110.121	16509 (AMAZON-02) (AMAZON-02)
1	13.32.110.98 13.32.110.98	16509 (AMAZON-02) (AMAZON-02)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	52.214.64.2 52.214.64.2	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
2	54.39.50.44 54.39.50.44	16276 (OVH) (OVH)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.21.7.209 104.21.7.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.96.12 188.114.96.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.213.47 172.67.213.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.57.98.143 52.57.98.143	16509 (AMAZON-02) (AMAZON-02)
176	49

7 142.250.185.243 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f19.1e100.net

www.midianewstop.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.shareron.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.200 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.208.129 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f1.1e100.net

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 177.55.120.3 (Brazil) 1 redirects

ASN53057 (RedeHost Internet Ltda., BR)

commentid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.97 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

fontpis.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bloggerfollowerss.blogspot.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bloggerfollowerss.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.180.193 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 156.146.33.27 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 663193551.fra.cdn77.com

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.202 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.39.41 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.20.14 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s28-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.74 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.225 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.180.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.14 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f14.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.46 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f14.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.19.110 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f110.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.152.44.151 (São Paulo, Brazil) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

blogpager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.74.171 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-26.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.251 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.105.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-105-145.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.13.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-13-118.hel51.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.110.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-121.vie50.r.cloudfront.net

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-98.vie50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.64.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-64-2.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.39.50.44 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns558490.ip-54-39-50.net

cdn.phonemore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

reclamacoes.net.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.7.209 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

multicanais1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

multimax.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.213.47 (United States)

ASN13335 (CLOUDFLARENET, US)

images.uncyc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.98.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-98-143.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	582 KB
30	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 58 blogger.googleusercontent.com — Cisco Umbrella Rank: 14459	217 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	248 KB
12	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 65 apis.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 2	293 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	111 KB
7	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2713 test.cmp.quantcast.com — Cisco Umbrella Rank: 10509 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12256	186 KB
7	blogger.com www.blogger.com — Cisco Umbrella Rank: 9309	482 KB
7	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 10391 fontpis.blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 13542 bloggerfollowerss.blogspot.com	41 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 299 fonts.googleapis.com — Cisco Umbrella Rank: 29	67 KB
5	midianewstop.com.br 1 redirects www.midianewstop.com.br	356 KB
4	amung.us 2 redirects whos.amung.us — Cisco Umbrella Rank: 16073 widgets.amung.us — Cisco Umbrella Rank: 15028	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24 region1.google-analytics.com — Cisco Umbrella Rank: 2361	20 KB
4	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 29428	222 KB
3	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2637 mwzeom.zeotap.com — Cisco Umbrella Rank: 2516	21 KB
3	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 30740	813 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	146 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	157 KB
2	multimax.club multimax.club
2	multicanais1.com 2 redirects multicanais1.com	707 B
2	phonemore.com cdn.phonemore.com	122 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	88 KB
2	shareron.xyz www.shareron.xyz	11 KB
2	google.pl adservice.google.pl — Cisco Umbrella Rank: 31243	696 B
1	uncyc.org images.uncyc.org — Cisco Umbrella Rank: 718919	93 KB
1	reclamacoes.net.br reclamacoes.net.br	133 KB
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 35341	534 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 401	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 924	1 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	cpx.to p.cpx.to — Cisco Umbrella Rank: 9058	2 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 979	9 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 705
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 33166	6 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 387	291 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 9847	33 KB
1	blogspot.com.br 1 redirects bloggerfollowerss.blogspot.com.br	163 B
1	blogpager.com 1 redirects blogpager.com	312 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	609 B
1	commentid.com 1 redirects commentid.com	135 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	78 KB
176	40

	Domain	Requested by
24	lh3.googleusercontent.com	www.midianewstop.com.br ajax.googleapis.com
19	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.midianewstop.com.br pagead2.googlesyndication.com www.shareron.xyz googleads.g.doubleclick.net bloggerfollowerss.blogspot.com www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ajax.googleapis.com
8	apis.google.com	www.shareron.xyz bloggerfollowerss.blogspot.com apis.google.com www.blogger.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	www.blogger.com	www.midianewstop.com.br www.shareron.xyz bloggerfollowerss.blogspot.com apis.google.com
6	blogger.googleusercontent.com	www.midianewstop.com.br ajax.googleapis.com
5	cmp.quantcast.com	www.midianewstop.com.br cmp.quantcast.com
5	www.midianewstop.com.br	1 redirects www.midianewstop.com.br ajax.googleapis.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	www.midianewstop.com.br fonts.googleapis.com
4	ads.themoneytizer.com	www.midianewstop.com.br ads.themoneytizer.com
3	c.tmyzer.com	ads.themoneytizer.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	cdnjs.cloudflare.com	www.midianewstop.com.br cdnjs.cloudflare.com
2	multimax.club	www.midianewstop.com.br
2	multicanais1.com	2 redirects
2	cdn.phonemore.com	www.midianewstop.com.br
2	www.google.com	1 redirects tpc.googlesyndication.com
2	connect.facebook.net	www.midianewstop.com.br connect.facebook.net
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	widgets.amung.us	www.shareron.xyz bloggerfollowerss.blogspot.com
2	whos.amung.us	2 redirects
2	bloggerfollowerss.blogspot.com	www.midianewstop.com.br bloggerfollowerss.blogspot.com
2	www.shareron.xyz	www.midianewstop.com.br www.shareron.xyz
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.pl	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.midianewstop.com.br www.google-analytics.com
2	ajax.googleapis.com	www.midianewstop.com.br d2zur9cc2gf1tx.cloudfront.net
2	fontpis.blogspot.com	www.midianewstop.com.br
2	1.bp.blogspot.com	www.midianewstop.com.br
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	images.uncyc.org	www.midianewstop.com.br
1	reclamacoes.net.br	www.midianewstop.com.br
1	test.cmp.quantcast.com	cmp.quantcast.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	id5-sync.com	www.midianewstop.com.br
1	mwzeom.zeotap.com	www.midianewstop.com.br
1	cm.g.doubleclick.net	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	bloggerfollowerss.blogspot.com.br	1 redirects
1	blogpager.com	1 redirects
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	4.bp.blogspot.com	www.midianewstop.com.br
1	commentid.com	1 redirects
1	www.googletagmanager.com	www.midianewstop.com.br
176	59

This site contains links to these domains. Also see Links.

Domain
templatestopbest.blogspot.com
www.blogger.com
www.templateparablogspot.com

Subject Issuer	Validity	Valid
www.midianewstop.com.br GTS CA 1D4	`2023-02-14` - `2023-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.pl GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.shareron.xyz GTS CA 1D4	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
c.tmyzer.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cmp.quantcast.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-16`	2 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
adtrack.adleadevent.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-12`	5 months	crt.sh
cdn.phonemore.com R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.midianewstop.com.br/
Frame ID: C9AE95DBF1C28F79DB9FD68F7C4F04D2
Requests: 99 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
Frame ID: 6D3619735C9EB2E168FFBA328AE5D7C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&adk=1812271804&adf=3025194257&lmt=1678296816&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378030863&bpp=36&bdt=926&idt=1533&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2541338075360&frm=20&pv=2&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1931
Frame ID: 9B1F2C8373297ABB1AA9EFA259400F3C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&h=280&slotname=7410528067&adk=2338157369&adf=2842348252&pi=t.ma~as.7410528067&w=1078&fwrn=4&fwrnh=100&lmt=1678296816&rafmt=1&format=1078x280&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378030899&bpp=14&bdt=962&idt=2029&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2541338075360&frm=20&pv=1&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dZJRQ4bjfi&p=https%3A//www.midianewstop.com.br&dtd=2126
Frame ID: 6E804F3ADABEBEF7C4102370272878E0
Requests: 17 HTTP requests in this frame

Frame: https://www.shareron.xyz/
Frame ID: B53CD7875E2E687BC4D5C194570CE2B4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9E611C596AF752D63A60F3D107A9DF0B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Frame ID: E682A2FE755848A6B6081CC9B230E4F6
Requests: 14 HTTP requests in this frame

Frame: https://bloggerfollowerss.blogspot.com/
Frame ID: 036422748186815E04F7E6C02870C51C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&h=600&slotname=7410528067&adk=1027938309&adf=1057941841&pi=t.ma~as.7410528067&w=278&fwrn=4&fwrnh=100&lmt=1678296816&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378035220&bpp=10&bdt=5283&idt=11&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc44b3c73267047c6-22f4b6fa48dd00aa%3AT%3D1678378033%3ART%3D1678378033%3AS%3DALNI_MY4TmFK1uB8TRVnzOg3mwnyNxHATA&gpic=UID%3D00000bc2b1bb7448%3AT%3D1678378033%3ART%3D1678378033%3AS%3DALNI_Ma0MUcd9_yoeQ74gCFPgBnZ4AyUfA&prev_fmts=0x0%2C1078x280%2C1600x1200%2C1005x124&nras=3&correlator=2541338075360&frm=20&pv=1&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&psts=AD37Y7vkK83OFZ_Xc31v_8zA4A0Ek55PJFkhcoY2uZtaR7ZxCgRehSOnZCrraQC1wpwFpiyFALvRIodRhJo4J-ALow&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5tZu7noQ45&p=https%3A//www.midianewstop.com.br&dtd=82
Frame ID: 149D13EA7DA64F41FE774370ACC32AC6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678378036233
Frame ID: ADCC81C7805F2C1AB015FC8E14071D00
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 72202C6225023C79E1ED8DCF11A06FF4
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D0B43182B95220923502F69623DB6D3B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 39CA55583190FE5D19B98C306CB75C94
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=9003510625708172462&blogName=blog&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.shareron.xyz/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.shareron.xyz/&vt=-1453047885714763780&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.pl.gQ1LfBzlfX8.O%2Fd%3D1%2Frs%3DAHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ%2Fm%3D__features__
Frame ID: 33EE16F58D7E8C10DA079EF465D80B63
Requests: 3 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=9050181614662338786&blogName=Blogger&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://bloggerfollowerss.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://bloggerfollowerss.blogspot.com/&vt=5421300568484352217&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.pl.gQ1LfBzlfX8.O%2Fd%3D1%2Frs%3DAHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ%2Fm%3D__features__
Frame ID: 4B59E83EC913E1FA477915B428020F23
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&h=600&slotname=7410528067&adk=1027938309&adf=1057941841&pi=t.ma~as.7410528067&w=278&fwrn=4&fwrnh=100&lmt=1678296816&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378035220&bpp=10&bdt=5283&idt=11&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc44b3c73267047c6-22f4b6fa48dd00aa%3AT%3D1678378033%3ART%3D1678378033%3AS%3DALNI_MY4TmFK1uB8TRVnzOg3mwnyNxHATA&gpic=UID%3D00000bc2b1bb7448%3AT%3D1678378033%3ART%3D1678378033%3AS%3DALNI_Ma0MUcd9_yoeQ74gCFPgBnZ4AyUfA&prev_fmts=0x0%2C1078x280%2C1600x1200%2C1005x124&nras=3&correlator=2541338075360&frm=20&pv=1&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&psts=AD37Y7vkK83OFZ_Xc31v_8zA4A0Ek55PJFkhcoY2uZtaR7ZxCgRehSOnZCrraQC1wpwFpiyFALvRIodRhJo4J-ALow&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5tZu7noQ45&p=https%3A//www.midianewstop.com.br&dtd=82
Frame ID: C5C645B5DC2C42B63BC9E4DF9D57DACE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: 0B2D5C7066B0D10B7ACE9C4634802CF4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF980DE1CC7946D5D88453D93744AF2F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33D5B9A704E0428046E3FBBF4E479584
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MidiaNewstop é um site dedicado a noticiar as novidades sobre os serviços de streaming

Page URL History Show full URLs

http://www.midianewstop.com.br/ HTTP 301
https://www.midianewstop.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

176
Requests

95 %
HTTPS

0 %
IPv6

40
Domains

59
Subdomains

49
IPs

9
Countries

3754 kB
Transfer

8023 kB
Size

16
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://templatestopbest.blogspot.com/
Title: Ajuda

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/08538884404517549211
Title: fotosguaran

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Denunciar abuso

Search URL Search Domain Scan URL

URL: https://www.templateparablogspot.com/
Title: Blogger Templates

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Dowiedz się więcej

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.midianewstop.com.br/ HTTP 301
https://www.midianewstop.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://commentid.com/bloggerfonts.js HTTP 302
https://fontpis.blogspot.com/

Request Chain 63

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDb4P-e2wEQsAkYsAkyCL09P_fsbKR5 HTTP 301
https://tpc.googlesyndication.com/simgad/8855445465861027368

Request Chain 64

https://blogpager.com/dataoldert1.js HTTP 302
https://fontpis.blogspot.com/

Request Chain 71

https://bloggerfollowerss.blogspot.com.br/ HTTP 302
https://bloggerfollowerss.blogspot.com/

Request Chain 75

https://whos.amung.us/swidget/blogger111 HTTP 307
https://widgets.amung.us/small/13/1325.png

Request Chain 95

https://whos.amung.us/swidget/26ri8qf50jwy HTTP 307
https://widgets.amung.us/small/13/1330.png

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f36a7693-7f8d-49d0-7b66-c6a2c00b29ef&reqId=468f8567-5202-47f0-7bc7-34c57e0bf56b&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEPP5aSuJrsnpGg_hKw9P2cA&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f36a7693-7f8d-49d0-7b66-c6a2c00b29ef&reqId=468f8567-5202-47f0-7bc7-34c57e0bf56b&zdid=1258

Request Chain 160

https://multicanais1.com/wp-content/uploads/2023/02/Leicester-X-Arsenal-249x140.jpg HTTP 301
https://multimax.club/

Request Chain 162

https://multicanais1.com/wp-content/uploads/2023/02/Empoli-X-Napoli-249x140.jpg HTTP 301
https://multimax.club/

176 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.midianewstop.com.br/
Redirect Chain

http://www.midianewstop.com.br/
https://www.midianewstop.com.br/

281 KB
61 KB

662ms
563ms

Document
text/html

142.250.185.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f19.1e100.net

Software

GSE /

Resource Hash

3d06c6b246ddba57df13b038e65d80c2e87421d1981775bdac75531184bb7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 61917
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:07:09 GMT
etag: W/"53895f8be618281cfc0eb38ae6801709d531d953d7e5621a8c300716c81aa684"
expires: Thu, 09 Mar 2023 16:07:09 GMT
last-modified: Wed, 08 Mar 2023 17:33:36 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: all
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 178
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 16:07:09 GMT
Expires: Thu, 09 Mar 2023 16:07:09 GMT
Location: https://www.midianewstop.com.br/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 354ms
125ms Script
application/javascript 142.250.180.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L8WX1W8V3Q

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8e6203015f55818aff51a75657ed6eaa170182cae6dda882e163ecd3a174685c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 16:07:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 355ms
128ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4129695297624715

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

9fbd7f414afceb15d7368a7688bc17265ea485f50e3563374fa073700a4ed27e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48519
x-xss-protection: 0
server: cafe
etag: 829842361908810259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:10 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/ 54 KB
10 KB 274ms
47ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1171226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9802
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-d78f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w512u%2FRU%2F%2BJPI4P6A3ZO6XlppHt9Bi6R4ybZNNDqDQnmh19Clg6Lt6rJzCe%2BiE5gW9G2RzWmAuBeh0vPJIPV5q7LDCtfXzJzY%2Fv4N4PsMGtSAX86DAe3ucpahHB8P8GOGiDfBbZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a5491c0bbf4501e-WAW
expires: Tue, 27 Feb 2024 16:07:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
47 KB 254ms
0ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0326777740329359&host=ca-host-pub-1556223355139109

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e306a9a93006286083e6aede3a1246be61bdc5cc6b69a77d2bc628cb105956f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48363
x-xss-protection: 0
server: cafe
etag: 7483207063876970311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:10 GMT

GET
H2 200 fast-logo.jpg
1.bp.blogspot.com/-BiUC0mHoogU/YHTBPRSdX4I/AAAAAAAAAcI/3bWQlpt5pY8nJI-VfD78MQRovrkVNSeOQCK4BGAYYCw/s1600/ 11 KB
11 KB 1547ms
64ms Image
image/jpeg 142.251.208.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-BiUC0mHoogU/YHTBPRSdX4I/AAAAAAAAAcI/3bWQlpt5pY8nJI-VfD78MQRovrkVNSeOQCK4BGAYYCw/s1600/fast-logo.jpg

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f1.1e100.net

Software

fife /

Resource Hash

78de87463358555b2eaf99a7c79947a71a77c85fc8dad803df419c659eb82b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:11 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="fast-logo.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11129
x-xss-protection: 0
server: fife
etag: "v1c3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Mar 2023 11:14:41 GMT

GET
H2

200

/ Show response
fontpis.blogspot.com/
Redirect Chain

https://commentid.com/bloggerfonts.js
https://fontpis.blogspot.com/

0
0

1116ms
666ms

Script
text/html

142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fontpis.blogspot.com/
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Server: 142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

location: https://fontpis.blogspot.com/
date: Thu, 09 Mar 2023 16:07:12 GMT
cache-control: max-age=86400
expires: Fri, 10 Mar 2023 16:07:12 GMT
server: Apache
content-length: 213
content-type: text/html; charset=iso-8859-1

GET
H2 200 AHs97-mxpiw_4bLpCEH_BlgGJts2P51XVxR-r-aikDt4a2jtHN1qdqxBbRd0CZYcy3KkOijY7Fr57O6B-p1zDP6XV8gipkh_9WLEycn7xrrPFjThdRqwcx34Jw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 2 KB
3 KB 1540ms
57ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mxpiw_4bLpCEH_BlgGJts2P51XVxR-r-aikDt4a2jtHN1qdqxBbRd0CZYcy3KkOijY7Fr57O6B-p1zDP6XV8gipkh_9WLEycn7xrrPFjThdRqwcx34Jw=w72-h72-p-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

f10cabcd9b65403d24ae7f8228225656e8c02168d817d319b31034ead933f17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:11 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2455
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:11 GMT

GET
H2 200 AHs97-kApH0LQdLd1krIBj44yf8b_88KeBPhzszAiQGqyQinlCFpTKsTWeqIwQooaQ-nulxicNdhOjV8ahqy4DO1MPFsJzGbSwQ27J6ns_0amYg7dROJS0qRF23F0T6CTKFUeELK16cxxA=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 2 KB
2 KB 1542ms
60ms Image
image/png 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-kApH0LQdLd1krIBj44yf8b_88KeBPhzszAiQGqyQinlCFpTKsTWeqIwQooaQ-nulxicNdhOjV8ahqy4DO1MPFsJzGbSwQ27J6ns_0amYg7dROJS0qRF23F0T6CTKFUeELK16cxxA=w72-h72-p-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

22f800efa33daec2fb21f38c9508cb2c93fb937494ce10ebf72e2cbb90c19996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:11 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1922
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:11 GMT

GET
H2 200 AHs97-l1XMrShCybhHabmqiWb-qpne8zOx5FOc1HcyB-194pelBkGOz4mcouK01PI54PHgtcGJsZpf0iOynnHHCULVgvLMNBNkjh5QhJwGdTNd1GCB04=w72-h72-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 1501ms
62ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-l1XMrShCybhHabmqiWb-qpne8zOx5FOc1HcyB-194pelBkGOz4mcouK01PI54PHgtcGJsZpf0iOynnHHCULVgvLMNBNkjh5QhJwGdTNd1GCB04=w72-h72-n-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

b364816e91b00fe2ed07f3e26189a9420ce10ccd1ec6f89caf8a8077a8eafff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:11 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3063
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:11 GMT

GET
H2 200 Captura%20de%20tela%202023-03-05%20135741.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCYFM5DcvDnWiuM4rCGcqWnwxAjZ2V1O6eCXpEw4o4yKdibguz--MjNKlcMw6xwkybCJ2xejOxfhSn1-ZfHPhUoJl1UXcCpMgvYnoRXyFrwKyfgA2P8m1Ky7g7MLo4QGCK52tXalZSPI-gAUOJ... 10 KB
10 KB 2102ms
664ms Image
image/png 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCYFM5DcvDnWiuM4rCGcqWnwxAjZ2V1O6eCXpEw4o4yKdibguz--MjNKlcMw6xwkybCJ2xejOxfhSn1-ZfHPhUoJl1UXcCpMgvYnoRXyFrwKyfgA2P8m1Ky7g7MLo4QGCK52tXalZSPI-gAUOJw11xZNRqLtt9siQf3a_BrJe2J5EPtp2VY9rUD_Ym/w72-h72-p-k-no-nu/Captura%20de%20tela%202023-03-05%20135741.png

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

3042297618a25583ad8acf5c3fa6224baa7b2db6b70c52cdda709313088444ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v13f7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Captura de tela 2023-03-05 135741.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10498
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:12 GMT

GET
H2 404 AHs97-meKiQt3AbvZuU7Vk9xVu4YXCL3pM1TyLEvthV_HL8C2A-hykFUM1vDIdhMo_2q8mmvr2Abmm1cg0LP8LkfITinW7PW5x0xaEZ9bsbgZI-7WI16k95DvkYlqc6nCXVvtBO8GFT8AvtnDkcEIusLgAs_We7h9B4v=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 2882ms
1501ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-meKiQt3AbvZuU7Vk9xVu4YXCL3pM1TyLEvthV_HL8C2A-hykFUM1vDIdhMo_2q8mmvr2Abmm1cg0LP8LkfITinW7PW5x0xaEZ9bsbgZI-7WI16k95DvkYlqc6nCXVvtBO8GFT8AvtnDkcEIusLgAs_We7h9B4v=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-nBVMe6Hqefe2eE7VI63gehrDobxHzwXtvwS8QK_lu7dhPBqA_PqjJNCwzXzROhUcpJWnYHm7V_L0vAge2WJbmpl-xGNk2Oi60kkoF6v4IMXr5NhxN1JmvhYmjQ93Gv9VC3rGLWjPBjAke1Pm5j9pUI5WQ=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 2630ms
1569ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-nBVMe6Hqefe2eE7VI63gehrDobxHzwXtvwS8QK_lu7dhPBqA_PqjJNCwzXzROhUcpJWnYHm7V_L0vAge2WJbmpl-xGNk2Oi60kkoF6v4IMXr5NhxN1JmvhYmjQ93Gv9VC3rGLWjPBjAke1Pm5j9pUI5WQ=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-mRO8-SllRbOCq7MYU0SSvvAVJ9RKYEsOja1hcgu7j12DobWUh1_v3dtq_IRcui8EJXAx6VlV-yf8x4WgC_SGEk7csvDm20GyC9_FXbatWoTbkDyY5FZgVMGKFzAOIa08-cSzGx_L7xzoITWa3XOkMvnYjfT5zivXX76AwblL9wgw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1179ms
1147ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mRO8-SllRbOCq7MYU0SSvvAVJ9RKYEsOja1hcgu7j12DobWUh1_v3dtq_IRcui8EJXAx6VlV-yf8x4WgC_SGEk7csvDm20GyC9_FXbatWoTbkDyY5FZgVMGKFzAOIa08-cSzGx_L7xzoITWa3XOkMvnYjfT5zivXX76AwblL9wgw=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-lR6DWQCK-RV5TS9A5IrZ1i8yI1luAepzm95y4beMBxOKMNTu0cuVQtLi4BsbmmYtbwT0ExlVZfDuTUScg_Q6c81tlhDDZ3UDeFw0pHV2Rkuz52yDurcnWqyX-b2FZCfORnNGZn5dY_dIl_70-hQ-wX2izPCR1LXbCWm1YvtGkeSdR6jA=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1544ms
1512ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-lR6DWQCK-RV5TS9A5IrZ1i8yI1luAepzm95y4beMBxOKMNTu0cuVQtLi4BsbmmYtbwT0ExlVZfDuTUScg_Q6c81tlhDDZ3UDeFw0pHV2Rkuz52yDurcnWqyX-b2FZCfORnNGZn5dY_dIl_70-hQ-wX2izPCR1LXbCWm1YvtGkeSdR6jA=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-kzrkBvIgIlkYda3y4hitBGlturPkP41CakNLVqWllSnJgrTDnlYTALE57BxE2fP0cy_sttBu0qfaxYUEp743LhofI_Q-ryELhtDLvDgq6xtx4zMYFJ1lvfeD4cteEvMoPU3exX_xRI-nfTn6yiU6Nz67m2SDmHw5ICnXs=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1596ms
1565ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-kzrkBvIgIlkYda3y4hitBGlturPkP41CakNLVqWllSnJgrTDnlYTALE57BxE2fP0cy_sttBu0qfaxYUEp743LhofI_Q-ryELhtDLvDgq6xtx4zMYFJ1lvfeD4cteEvMoPU3exX_xRI-nfTn6yiU6Nz67m2SDmHw5ICnXs=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-k8lk7MklqBRGS5jpPD0unW3vO2tX_ad9VOIVsnDq6jSr_1IuXeeZwzC6Rz5eE4e_D8I5zNQM8zwDOtF7NdWNMdMiFZe-aeYKScqu4gzcW4PoyWTLut7U2a2SgyriAm1vmiwth2fKG8eAB5xHIsxysO8ifOICJGTLs=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1532ms
1500ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-k8lk7MklqBRGS5jpPD0unW3vO2tX_ad9VOIVsnDq6jSr_1IuXeeZwzC6Rz5eE4e_D8I5zNQM8zwDOtF7NdWNMdMiFZe-aeYKScqu4gzcW4PoyWTLut7U2a2SgyriAm1vmiwth2fKG8eAB5xHIsxysO8ifOICJGTLs=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-kciKwgf_poG_WAHyLXN-F6A2jg4axxeUlEghM91z5TGGtS5u74s6i6aRrPzSrFf2D_0pm69LkMoBTDG4SbyuiWQWByHaWuXRufFR49Np4UIGeIE5soHzMEu05-jDiOWlSxosOwBE-i1hT_brk5NcA1ezDiIukyclnqB-rYpg=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1369ms
1337ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-kciKwgf_poG_WAHyLXN-F6A2jg4axxeUlEghM91z5TGGtS5u74s6i6aRrPzSrFf2D_0pm69LkMoBTDG4SbyuiWQWByHaWuXRufFR49Np4UIGeIE5soHzMEu05-jDiOWlSxosOwBE-i1hT_brk5NcA1ezDiIukyclnqB-rYpg=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-nNDRy_Tzij6KTIpUN3ORi5O_DGswvjwzNcD3dxQRM6-Wi7qft12b_kMkEcKWopuMvzJdBVo_8JnjucYzmzUHMyBorD76RCmINlTg_ci_6CFWOUMqR4djTYZnloMeAG3ZUZHZP2r5bQffOg_9gEu3FzUt8sSgl3RdtQXMpKNw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1591ms
1560ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-nNDRy_Tzij6KTIpUN3ORi5O_DGswvjwzNcD3dxQRM6-Wi7qft12b_kMkEcKWopuMvzJdBVo_8JnjucYzmzUHMyBorD76RCmINlTg_ci_6CFWOUMqR4djTYZnloMeAG3ZUZHZP2r5bQffOg_9gEu3FzUt8sSgl3RdtQXMpKNw=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-mHvy455AmVaVb2YaJStE7-eUzoNtmd36hIVfOH48VXmetB5JQ1ag9-sahXN3NDzmiHMCAGkEWeqDIppaNqo8NT5LL_MjlgBFPpW6rRAezwJxqdSnx-JGpQZPDxMzcA2Rbn1HJhxcNSF3AlYncc__QUM8eTtT1TXz7HMw=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1338ms
1307ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mHvy455AmVaVb2YaJStE7-eUzoNtmd36hIVfOH48VXmetB5JQ1ag9-sahXN3NDzmiHMCAGkEWeqDIppaNqo8NT5LL_MjlgBFPpW6rRAezwJxqdSnx-JGpQZPDxMzcA2Rbn1HJhxcNSF3AlYncc__QUM8eTtT1TXz7HMw=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-lFvU6qLdF2qgeB3GYy5Nt046xasq31baT0Yp8B7jmVfIivxsvol3lSwBxNT59tXjrQANuq_jVw52w_NXqr3kTX4jHfpcnAs8VYbU9TfzQb6MigY4Y5cfh81gZT2gs0ntJJdD4mtP_WPfUvWxDRoa-SaQl3aH6QyNZH=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1533ms
1501ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-lFvU6qLdF2qgeB3GYy5Nt046xasq31baT0Yp8B7jmVfIivxsvol3lSwBxNT59tXjrQANuq_jVw52w_NXqr3kTX4jHfpcnAs8VYbU9TfzQb6MigY4Y5cfh81gZT2gs0ntJJdD4mtP_WPfUvWxDRoa-SaQl3aH6QyNZH=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-l7VhNTdA8AwIgmHOCJXOB2fw9YexoKxGdnbyANTPXEF43BsK8hrPNi-4EDTRJrGV5WTKqJ9-542nXKENVNyT_7XkDBgko0nBwwZPwiT3FUCr0gq0pV2DzsYMo-JDMfDwVDs4JX6NMmbO9zqewqrIM5KCK_rd9qRoRbs8j9=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1603ms
1571ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-l7VhNTdA8AwIgmHOCJXOB2fw9YexoKxGdnbyANTPXEF43BsK8hrPNi-4EDTRJrGV5WTKqJ9-542nXKENVNyT_7XkDBgko0nBwwZPwiT3FUCr0gq0pV2DzsYMo-JDMfDwVDs4JX6NMmbO9zqewqrIM5KCK_rd9qRoRbs8j9=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-m3iSu5dGhFfRuelmj93xJRFDhXD3wAEPD-zwD4JBB7UMEVzkE_g3bdmZN1d6lHsQwNXuy6EV7vqZn6uD5i9zsMQrGnh12bl3xciIYP5urOJDnXnUateAXoGi5gWuugDXeXA4vUhRUnaN3hvb4bz9nbda6C_J9mTI0ghIk=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1367ms
1336ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-m3iSu5dGhFfRuelmj93xJRFDhXD3wAEPD-zwD4JBB7UMEVzkE_g3bdmZN1d6lHsQwNXuy6EV7vqZn6uD5i9zsMQrGnh12bl3xciIYP5urOJDnXnUateAXoGi5gWuugDXeXA4vUhRUnaN3hvb4bz9nbda6C_J9mTI0ghIk=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 404 AHs97-nKwp8rLou_cvz9YsGpFRNql7ixi1cz2X3UYtVlwYCTYVlFGDjrOfT6L9i454OX3_ZliCzuX6mUjEJj4VlHZ-ACv2KZmaN161H1qRhqlg_xSwZmvKzpNFd8lwMiHqR39xIgxFVogOYs2xG9-03_NU-5M_o=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 0
0 1553ms
1522ms Image
text/html 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-nKwp8rLou_cvz9YsGpFRNql7ixi1cz2X3UYtVlwYCTYVlFGDjrOfT6L9i454OX3_ZliCzuX6mUjEJj4VlHZ-ACv2KZmaN161H1qRhqlg_xSwZmvKzpNFd8lwMiHqR39xIgxFVogOYs2xG9-03_NU-5M_o=w72-h72-p-k-no-nu
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 O-SONO-DA-MORTE.png
1.bp.blogspot.com/-qH6EGvLkorQ/X7ElDLjrafI/AAAAAAAAyZE/lqwV7eo_fdM93XfKN6qmkUSf9C48nw7mgCLcBGAsYHQ/w72-h72-p-k-no-nu/ 12 KB
12 KB 138ms
107ms Image
image/png 142.251.208.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qH6EGvLkorQ/X7ElDLjrafI/AAAAAAAAyZE/lqwV7eo_fdM93XfKN6qmkUSf9C48nw7mgCLcBGAsYHQ/w72-h72-p-k-no-nu/O-SONO-DA-MORTE.png

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f1.1e100.net

Software

fife /

Resource Hash

714d5a1730c3e569bd06f5fbe831f463e86dbcb6412c06281946aef58884d5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="O-SONO-DA-MORTE.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12162
x-xss-protection: 0
server: fife
etag: "vc992"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Mar 2023 11:14:41 GMT

GET
H2 200 Animais%20Noturnos.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdyd7ytdVqvcNCAvTNt8A88Qet9Pyi7YT_ItGmMZ9lW2bvJGYuWIhCOdDkvjJwpry1EUOXN_7EZ2aFsO1Dct5Ta5BVaVJ39uju-i86ppU58kxo83LZ-tz3Btx_ciYL8Sc_3HBZ1VKcFVIsDl_J... 2 KB
2 KB 641ms
610ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdyd7ytdVqvcNCAvTNt8A88Qet9Pyi7YT_ItGmMZ9lW2bvJGYuWIhCOdDkvjJwpry1EUOXN_7EZ2aFsO1Dct5Ta5BVaVJ39uju-i86ppU58kxo83LZ-tz3Btx_ciYL8Sc_3HBZ1VKcFVIsDl_JCwJIDiLk7xOyyU8398CFSWCqwBu1N_sLPT62kbVt4A/w72-h72-p-k-no-nu/Animais%20Noturnos.jpg

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

2817dbec718e61dfe238ec05ce014b0a7f8332726365e2764a2f9b364ec808c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v4826"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Animais Noturnos.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1635
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:12 GMT

GET
H2 200 AHs97-mN-L85wjdApHSHWdIONd6st7KhhlFJCNNTmYqc4-kuZeK_Wq0bug-hGD6zmu83i0KSFUh_uZ2WzCFJDnOJTxY65WjRJbRsNxiE1i24OVg4wVOTmnKhNhoHJvVCFH4vFs3wVWUqp_2TaFdjcuMtmYMSElDYQa9R=w72-h72-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 128ms
97ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mN-L85wjdApHSHWdIONd6st7KhhlFJCNNTmYqc4-kuZeK_Wq0bug-hGD6zmu83i0KSFUh_uZ2WzCFJDnOJTxY65WjRJbRsNxiE1i24OVg4wVOTmnKhNhoHJvVCFH4vFs3wVWUqp_2TaFdjcuMtmYMSElDYQa9R=w72-h72-p-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

c90858e0d23c9c550f938c67f613c14068fad38713df9379cb1dc1be831815a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2771
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:12 GMT

GET
H2 200 AVvXsEjFwIqccBRjpe5GmvFvtlQvtSueBc2qndDDkyrSEx7Ep-zgsU8aXpIyuj9-vZ3wXrKFxcMOxNPixPDxs-oqa58vDePCmhOs9nGb5mSiFFcx1MwSXzBMpSyWLjMPpX5HTtKJw2c0jbgBXMu5zlXN7mEolbLX5d56JuoVIj6z5-sHeUrKTBeuadAtOe1cIw=w7...
blogger.googleusercontent.com/img/a/ 3 KB
3 KB 638ms
607ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjFwIqccBRjpe5GmvFvtlQvtSueBc2qndDDkyrSEx7Ep-zgsU8aXpIyuj9-vZ3wXrKFxcMOxNPixPDxs-oqa58vDePCmhOs9nGb5mSiFFcx1MwSXzBMpSyWLjMPpX5HTtKJw2c0jbgBXMu5zlXN7mEolbLX5d56JuoVIj6z5-sHeUrKTBeuadAtOe1cIw=w72-h72-p-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

b0f41b0d05bdecb97352dae99f9054590e6304f77da7dbc0d501e4b7e7fa5981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v3f64"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UM LUGAR SILENCIOSO 1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3229
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:12 GMT

GET
H2 200 AHs97-kKL0YEPdiYQsyGxT4cEIxYRG1ZevSuKNqBH01Xm6DRZaaQJK74bSXqk66GNsTVzTucJCS73Ysyem0y-D0zI1fAM-nt4bMumAdg64YFL0S0-ri6fw=w72-h72-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 4 KB
4 KB 105ms
74ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-kKL0YEPdiYQsyGxT4cEIxYRG1ZevSuKNqBH01Xm6DRZaaQJK74bSXqk66GNsTVzTucJCS73Ysyem0y-D0zI1fAM-nt4bMumAdg64YFL0S0-ri6fw=w72-h72-n-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

ce0b46a856a68d33e90a64f93e6e50b4d7120dd1e1c8bc510e7021379257930a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4243
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:12 GMT

GET
H2 200 AHs97-kDTemQ8z-rBkfo8vMMmv2nTPLlRJmqcBsLY7OFSh_cyplChOQTpi0QkRtlS_4J6z5Nu6Dj4tYRNCgUYLiS2NlTK89beQTkerZB_VAz7Gqgb0cKOg=w72-h72-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 163ms
132ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-kDTemQ8z-rBkfo8vMMmv2nTPLlRJmqcBsLY7OFSh_cyplChOQTpi0QkRtlS_4J6z5Nu6Dj4tYRNCgUYLiS2NlTK89beQTkerZB_VAz7Gqgb0cKOg=w72-h72-n-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

bf50246ee662ae5fc57d553de6a0e576e3ac820444d574f30d895881bfc4acbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3378
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:12 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 1542ms
40ms Script
text/html 156.146.33.27
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=3
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.27 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-nzt: AZySIRkKI+r/SpsAAA
x-accel-expires: @1678943077
date: Thu, 09 Mar 2023 16:07:11 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: cf878727e14158342f040a646de6653a
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 39754

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 117 KB
17 KB 1594ms
93ms Script
text/html 156.146.33.27
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.27 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 7a874b800727e0e847f38cde9fa69f26a057da612488e2befd940feef69e1838

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-nzt: AZySIRmJh7ah
x-77-pop: frankfurtDE
date: Thu, 09 Mar 2023 16:07:12 GMT
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: cf878727e14158342f040a64461e703a
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=UTF-8
x-77-cache: MISS
cache-control: max-age=604800

GET
H2 200 fast-logo.png
4.bp.blogspot.com/-Gd5xglKRBoo/YHTCOXb8jDI/AAAAAAAAAcg/oHoxuK9wZjASaTnF_TWBQrzbetGS52PbgCK4BGAYYCw/s1600/ 9 KB
9 KB 141ms
109ms Image
image/png 142.251.208.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Gd5xglKRBoo/YHTCOXb8jDI/AAAAAAAAAcg/oHoxuK9wZjASaTnF_TWBQrzbetGS52PbgCK4BGAYYCw/s1600/fast-logo.png

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f1.1e100.net

Software

fife /

Resource Hash

706e1b444f5db1dff267ee831abedbf4a0e3857c9891fdcb43746514380ddb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:12 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="fast-logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8782
x-xss-protection: 0
server: fife
etag: "v1c9"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Mar 2023 11:14:41 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 1154ms
74ms Script
text/javascript 142.250.201.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f10.1e100.net

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 13:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 13:02:45 GMT

GET
H2 200 cookienotice.js Show response
www.midianewstop.com.br/js/ 6 KB
2 KB 176ms
0ms Script
text/javascript 142.250.185.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.midianewstop.com.br/js/cookienotice.js

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f19.1e100.net

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Mar 2023 13:49:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 16 Mar 2023 16:07:10 GMT

GET
H2 200 229057146-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
154 KB 1517ms
33ms Script
text/javascript 142.251.39.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/229057146-widgets.js

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f9.1e100.net

Software

sffe /

Resource Hash

95e23bbcb1c881150cab5a1725158908b4c7f408e2a3fec61902a8e1abd11611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:55:48 GMT
x-content-type-options: nosniff
age: 137483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157421
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 10:54:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 07 Mar 2024 01:55:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 794ms
513ms Script
text/javascript 172.217.20.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 15:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2982
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 17:17:30 GMT

GET
H2 200 /
www.midianewstop.com.br/ 281 KB
281 KB 370ms
13ms Image
text/html 142.250.185.243
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.midianewstop.com.br/

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f19.1e100.net

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Mar 2023 17:33:36 GMT
server: GSE
etag: W/"53895f8be618281cfc0eb38ae6801709d531d953d7e5621a8c300716c81aa684"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
x-robots-tag: all
content-length: 61917
x-xss-protection: 1; mode=block
expires: Thu, 09 Mar 2023 16:07:10 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v10/ 21 KB
21 KB 1359ms
0ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:05:09 GMT
x-content-type-options: nosniff
age: 28922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21244
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:21:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 08:05:09 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/ 73 KB
74 KB 402ms
195ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 566587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74656
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-123a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J46WY3sBV%2F3DnOal6qRIyM7TbsQLCWWVo5LKtg4FM9zEOgdiCU1tCaC4WrO8b4kJ1pX%2FvGw5sr%2FBuN0KYlGN3V7Gbm05nYDDkxYMghLPXwbJZaLJEPHhb6yABJhPz%2F3fjLgM1cly"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a5491c42ed935b4-WAW
expires: Tue, 27 Feb 2024 16:07:10 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/ 73 KB
73 KB 365ms
159ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:10 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1795705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74328
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12258"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPOdIgqLyoHZdj2TR6QDPZrJXVTBx1c9cj8n8RVLQrklHui6PfIMuxKHC2lbJhwn%2BE2VYauWWk1dqD8d6Wos%2FdYDkRatksKUU8ppRbzD4nL5aGxPaRJ7nt%2BM0VpN4uCMNRyExcqq"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a5491c42ed635b4-WAW
expires: Tue, 27 Feb 2024 16:07:10 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v10/ 22 KB
22 KB 1369ms
0ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 22:42:08 GMT
x-content-type-options: nosniff
age: 581103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22336
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:22:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:42:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 275ms
105ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4129695297624715&plah=www.midianewstop.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4129695297624715

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

5b29d62533528d6b05ebc9d8dcbb8d6a33d8b1d62ad10619abd161a2b7580f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121462
x-xss-protection: 0
server: cafe
etag: 3082455387394557497
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/ Frame 6D36 10 KB
5 KB 510ms
31ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4129695297624715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 20577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:24:14 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 10:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 394ms
117ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L8WX1W8V3Q&gtm=45je3360&_p=1389963142&cid=368167936.1678378032&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678378031&sct=1&seg=0&dl=https%3A%2F%2Fwww.midianewstop.com.br%2F&dt=MidiaNewstop%20%C3%A9%20um%20site%20dedicado%20a%20noticiar%20as%20novidades%20sobre%20os%20servi%C3%A7os%20de%20streaming&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L8WX1W8V3Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:07:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.midianewstop.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
609 B 490ms
53ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.midianewstop.com.br&callback=_gfp_s_&client=ca-pub-4129695297624715

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4129695297624715&plah=www.midianewstop.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2083641ada4e983bb62d730fc66abaaea9a9d3a4d9b9324bda78307432434350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
531 B 460ms
54ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.midianewstop.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 479ms
73ms Script
application/javascript 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.midianewstop.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B1F 250 KB
61 KB 589ms
545ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&adk=1812271804&adf=3025194257&lmt=1678296816&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378030863&bpp=36&bdt=926&idt=1533&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2541338075360&frm=20&pv=2&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1931

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

cb5fc5a5809eede004a8f28f5c3bc1e192d97d357446498fa7d2f3077b96fad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61907
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:07:13 GMT
expires: Thu, 09 Mar 2023 16:07:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E80 111 KB
35 KB 560ms
536ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&h=280&slotname=7410528067&adk=2338157369&adf=2842348252&pi=t.ma~as.7410528067&w=1078&fwrn=4&fwrnh=100&lmt=1678296816&rafmt=1&format=1078x280&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378030899&bpp=14&bdt=962&idt=2029&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2541338075360&frm=20&pv=1&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dZJRQ4bjfi&p=https%3A//www.midianewstop.com.br&dtd=2126

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

fb75fa1260e33776a9ec0e75be5afe8d2228008e81f5b20fae6d92ace230bf7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35970
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:07:13 GMT
expires: Thu, 09 Mar 2023 16:07:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 72ms
71ms XHR
text/plain 172.217.20.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1389963142&t=pageview&_s=1&dl=https%3A%2F%2Fwww.midianewstop.com.br%2F&ul=en-us&de=UTF-8&dt=MidiaNewstop%20%C3%A9%20um%20site%20dedicado%20a%20noticiar%20as%20novidades%20sobre%20os%20servi%C3%A7os%20de%20streaming&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=2095177371&gjid=446548620&cid=368167936.1678378032&tid=UA-32717689-0&_gid=675697215.1678378033&_r=1&_slc=1&z=2072808038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.midianewstop.com.br/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:07:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.midianewstop.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6E80 2 KB
944 B 182ms
65ms Stylesheet
text/css 142.251.39.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&h=280&slotname=7410528067&adk=2338157369&adf=2842348252&pi=t.ma~as.7410528067&w=1078&fwrn=4&fwrnh=100&lmt=1678296816&rafmt=1&format=1078x280&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378030899&bpp=14&bdt=962&idt=2029&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2541338075360&frm=20&pv=1&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dZJRQ4bjfi&p=https%3A//www.midianewstop.com.br&dtd=2126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f10.1e100.net

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 16:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 14:46:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 16:07:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 6E80 2 KB
818 B 180ms
71ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 6E80 22 KB
9 KB 150ms
59ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 10:51:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 6E80 3 KB
1 KB 55ms
55ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 14:26:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 6E80 20 KB
8 KB 151ms
61ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E80 158 KB
49 KB 364ms
179ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:14 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 6E80 34 KB
15 KB 225ms
76ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:26:14 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 102ms
102ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

69328a92488a6d5bc7b710ccd049ca0f9d13b7af05b450e89963c39e8882ce3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52063
x-xss-protection: 0
server: cafe
etag: 8901367931949734605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6E80 0
0 96ms
95ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaXkRMQQKZLXBC4qL7gPAr574CYjI2q1vkr7e6vcQkbH4gOUPEAEgj9rbkQFg6eTJhdgaoAG2l7T2AsgBCakCImbHX--6sT6oAwHIA8sEqgSTAk_QleGXC6qJGpR3kjdWDahfthyHvqdCsrsmeJCjopUpDtnZrHotUIBpXQvVg0D2zNauz3KLP7lVr43rS7UwWRvytrMn7pi73ZQEm4LxxErsphyGiKXDT366BFBvNJSFkkkbEO8L1THPRLJY3TT7dkhKO1t8otcEqAGUL2kSF-lSYu2ON1ZpautdA4bA5005-tHEjWHMWz5FtpHWJwTIFkSElPMsCuX1hxstkYqtdSnhTTh5QjfviwSH-SLiKaIU_qFIAKe2Dmpjf1cStx2OCkOtQz8jb9ER-PCR41hwa63zrnVPaIvWVY3WAPY-paLzDUyDzuZm1BKuKUB9CmXHlaUFnPzTCP6p8Ek5wq_zyvpemHMJwASwuoKL6QGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsujLiQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQqIsB0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNDEyOTY5NTI5NzYyNDcxNRgA&sigh=nlIdXmrbqyQ&uach_m=[UACH]&cid=CAQSGwDUE5ymuv81E-3GLfFLnJdwOpnzQY-sgqojNBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&h=280&slotname=7410528067&adk=2338157369&adf=2842348252&pi=t.ma~as.7410528067&w=1078&fwrn=4&fwrnh=100&lmt=1678296816&rafmt=1&format=1078x280&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378030899&bpp=14&bdt=962&idt=2029&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2541338075360&frm=20&pv=1&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=261&ady=160&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dZJRQ4bjfi&p=https%3A//www.midianewstop.com.br&dtd=2126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 16:07:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 16:07:14 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6E80 14 KB
14 KB 191ms
47ms Image
image/jpeg 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSHINT-p5Jnq1VqGFIq5ko4yFnXgdffeTDkJ2S1Di0ofdgY0OcOYZ7JXUsdPw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

a113392c0f3057f514e9c40eed483e3845bf5c9482891ed88dc43751499fba3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 01:31:41 GMT
x-content-type-options: nosniff
age: 570933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14190
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 10:02:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 02 Mar 2024 01:31:41 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6E80 36 KB
37 KB 251ms
52ms Image
image/jpeg 142.251.39.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRq2CXvWyjJfiE2jHhh325yO4ALvLKKCgfNeKzV_vaNFD2cB7t7kW6Rr-GABg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f14.1e100.net

Software

sffe /

Resource Hash

4c410baa8f691ce9185546e1a789d0f4fe2d5b6aef3d83d48c81a53cf6be8530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 21:24:25 GMT
x-content-type-options: nosniff
age: 153769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36899
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 08:15:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 06 Mar 2024 21:24:25 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6E80 36 KB
37 KB 251ms
53ms Image
image/jpeg 142.251.39.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTkobEfIO6qsuvRWsfIvHA0wLhTS_x3BmXVxWNWkCd6zbvz3k02s9JyjrA3eSc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f14.1e100.net

Software

sffe /

Resource Hash

dac8d8f2ff822500a26e71934e81e5bfb8729134e167264b0d07133596ac85ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:43:59 GMT
x-content-type-options: nosniff
age: 80595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37001
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 13:38:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 07 Mar 2024 17:43:59 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6E80 23 KB
23 KB 267ms
69ms Image
image/jpeg 172.217.19.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQvd5zruF6S4TkyIWaM50Wl5ZYbGp-asyg1qgcLBIJuNMx5x7c8bOD7iSQDkQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s07-in-f110.1e100.net

Software

sffe /

Resource Hash

1f5c053b7eb030997ea19d92e50e8b7e8e1c233a4967c6d24ceea1ce548b7abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 02:20:11 GMT
x-content-type-options: nosniff
age: 136023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23080
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 13:23:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 07 Mar 2024 02:20:11 GMT

GET
H3

200

8855445465861027368
tpc.googlesyndication.com/simgad/ Frame 6E80
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDb4P-e2wEQsAkYsAkyCL09P_fsbKR5
https://tpc.googlesyndication.com/simgad/8855445465861027368

183 KB
183 KB

52ms
51ms

Image
image/jpeg

142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8855445465861027368

Requested by

Protocol

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

1507cf1ff85ae30a9f9e9fec3b48b8fed07b9da628bcac4b7d53154d25b50914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 23:01:48 GMT
x-content-type-options: nosniff
age: 493526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187647
x-xss-protection: 0
last-modified: Thu, 27 Dec 2018 10:51:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 23:01:48 GMT

Redirect headers

date: Thu, 09 Mar 2023 09:26:53 GMT
x-content-type-options: nosniff
server: cafe
age: 24021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8855445465861027368
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Apr 2023 09:26:53 GMT

GET
H2

200

/ Show response
fontpis.blogspot.com/
Redirect Chain

https://blogpager.com/dataoldert1.js
https://fontpis.blogspot.com/

0
0

228ms
162ms

Script
text/html

142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fontpis.blogspot.com/
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Server: 142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Thu, 09 Mar 2023 16:07:16 GMT
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
content-type: text/html
location: https://fontpis.blogspot.com/
cache-control: no-cache, no-store, must-revalidate, max-age=0
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 683

GET
H2 200 / Show response
www.shareron.xyz/ Frame B53C 34 KB
8 KB 421ms
179ms Document
text/html 142.250.185.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shareron.xyz/

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f19.1e100.net

Software

GSE /

Resource Hash

440e807c1ab14274b7c5b49ec3fb674814dc3fdb6e04136d81906768aeaaf975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 8372
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:07:14 GMT
etag: W/"1314618b04b8425063ffdc0fcb0ab9f869e931b8123c95b3c2a82fdad2aec737"
expires: Thu, 09 Mar 2023 16:07:14 GMT
last-modified: Tue, 07 Mar 2023 11:17:39 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v10/ 21 KB
21 KB 69ms
59ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 23:03:58 GMT
x-content-type-options: nosniff
age: 579796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21304
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 23:03:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
165 B 74ms
54ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.midianewstop.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 72ms
69ms Script
application/javascript 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.midianewstop.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame 9E61 10 KB
4 KB 53ms
46ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 43181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 04:07:33 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 04:07:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/ Frame E682 10 KB
4 KB 98ms
47ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 43181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 04:07:33 GMT
etag: 2378337311435320485
expires: Thu, 23 Mar 2023 04:07:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/ Show response
bloggerfollowerss.blogspot.com/ Frame 0364
Redirect Chain

https://bloggerfollowerss.blogspot.com.br/
https://bloggerfollowerss.blogspot.com/

25 KB
7 KB

225ms
153ms

Document
text/html

142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bloggerfollowerss.blogspot.com/

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

GSE /

Resource Hash

df4e725585a7d5794985fa58fc90d66b82344c9092dedb02cd3945b91c6a5e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 6970
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:07:15 GMT
etag: W/"723d931243516e67f604c79b9f596463885449094a9f859f13a2a131d3941abf"
expires: Thu, 09 Mar 2023 16:07:15 GMT
last-modified: Tue, 07 Mar 2023 10:12:48 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 183
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:07:15 GMT
expires: Thu, 09 Mar 2023 16:07:15 GMT
location: https://bloggerfollowerss.blogspot.com/
server: GSE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 6E80 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0f27b7a8cdcf93ce9173bfbfd8514cff25debf12e3ceca3a754c8e3a9d5b5e4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ Frame B53C 35 KB
8 KB 48ms
47ms Stylesheet
text/css 142.251.39.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: www.shareron.xyz
URL: https://www.shareron.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f9.1e100.net

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.shareron.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7776
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 13:52:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 06 Mar 2024 23:04:44 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame B53C 54 KB
21 KB 171ms
56ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.shareron.xyz
URL: https://www.shareron.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

741320cbce78024402c32b398ee721a66d36185fd20d354abcae5c59f6b2a7db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.shareron.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21023
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "a59c59362ca41c12"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:15 GMT

GET
H2

200

1325.png Show response
widgets.amung.us/small/13/ Frame B53C
Redirect Chain

https://whos.amung.us/swidget/blogger111
https://widgets.amung.us/small/13/1325.png

332 B
503 B

59ms
40ms

Script
image/png

104.22.74.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/small/13/1325.png
Requested by: Host: www.shareron.xyz
URL: https://www.shareron.xyz/
Protocol: H2
Server: 104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d112a15e5ac3aa0877a2e06bbb4402b4ebe742bcf355555c46defa4da344a1a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.shareron.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:16 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2010 09:48:30 GMT
server: cloudflare
age: 1881373
etag: "4c14a96e-14c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a5491eaec45bf49-WAW
content-length: 332
expires: Thu, 16 Feb 2023 21:31:03 GMT

Redirect headers

location: https://widgets.amung.us/small/13/1325.png
date: Thu, 09 Mar 2023 16:07:16 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a5491e70838bf49-WAW
content-type: text/html; charset=UTF-8

GET
H2 200 cookienotice.js Show response
www.shareron.xyz/js/ Frame B53C 6 KB
2 KB 105ms
76ms Script
text/javascript 142.250.185.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shareron.xyz/js/cookienotice.js

Requested by

Host: www.shareron.xyz
URL: https://www.shareron.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f19.1e100.net

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.shareron.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Mar 2023 13:49:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 16 Mar 2023 16:07:16 GMT

GET
H2 200 2934694217-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame B53C 154 KB
154 KB 45ms
44ms Script
text/javascript 142.251.39.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2934694217-widgets.js

Requested by

Host: www.shareron.xyz
URL: https://www.shareron.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f9.1e100.net

Software

sffe /

Resource Hash

dca08c42d9f052af7080d028223adf089d6036d826dff8941fd4158f529d3a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.shareron.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 02:02:52 GMT
x-content-type-options: nosniff
age: 309863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157231
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 01:49:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Mar 2024 02:02:52 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 149D 436 B
232 B 251ms
236ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-4129695297624715&output=html&h=600&slotname=7410528067&adk=1027938309&adf=1057941841&pi=t.ma~as.7410528067&w=278&fwrn=4&fwrnh=100&lmt=1678296816&rafmt=1&format=278x600&url=https%3A%2F%2Fwww.midianewstop.com.br%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678378035220&bpp=10&bdt=5283&idt=11&shv=r20230306&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc44b3c73267047c6-22f4b6fa48dd00aa%3AT%3D1678378033%3ART%3D1678378033%3AS%3DALNI_MY4TmFK1uB8TRVnzOg3mwnyNxHATA&gpic=UID%3D00000bc2b1bb7448%3AT%3D1678378033%3ART%3D1678378033%3AS%3DALNI_Ma0MUcd9_yoeQ74gCFPgBnZ4AyUfA&prev_fmts=0x0%2C1078x280%2C1600x1200%2C1005x124&nras=3&correlator=2541338075360&frm=20&pv=1&ga_vid=368167936.1678378032&ga_sid=1678378033&ga_hid=1389963142&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C44777877%2C42531705&oid=2&psts=AD37Y7vkK83OFZ_Xc31v_8zA4A0Ek55PJFkhcoY2uZtaR7ZxCgRehSOnZCrraQC1wpwFpiyFALvRIodRhJo4J-ALow&pvsid=2492693930526928&tmod=1236861396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=5tZu7noQ45&p=https%3A//www.midianewstop.com.br&dtd=82

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ebaaf1e048c274c44d7c2b662b4cd5cfda8b573cbd2b6f7c77aa3c1666f4ebc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:07:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 9E61 4 KB
732 B 96ms
79ms Stylesheet
text/css 142.251.39.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f10.1e100.net

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 16:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 14:58:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 16:07:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E61 205 B
518 B 64ms
60ms Image
image/png 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:38:31 GMT
x-content-type-options: nosniff
age: 5324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 14:38:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9E61 604 B
694 B 95ms
95ms Image
image/png 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:04:02 GMT
x-content-type-options: nosniff
age: 193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 16:04:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 9E61 20 KB
8 KB 103ms
102ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:48:26 GMT

GET
H2 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame E682 10 KB
4 KB 55ms
55ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:02:20 GMT

GET
H2 200 67aaecca7d4c17753e791d23613bc19c.js Show response
www.gstatic.com/mysidia/ Frame E682 11 KB
5 KB 54ms
54ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67aaecca7d4c17753e791d23613bc19c.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

85adddf8b04a947f000872c064145ddd13125e63a024e720664bf184a7144ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 09:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4817
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 09:43:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E682 8 KB
969 B 71ms
71ms Stylesheet
text/css 142.251.39.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 16:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 14:46:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 16:07:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame E682 2 KB
765 B 54ms
54ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame E682 22 KB
9 KB 69ms
69ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 10:51:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame E682 3 KB
1 KB 84ms
83ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 14:26:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame E682 20 KB
8 KB 85ms
71ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E682 158 KB
49 KB 130ms
70ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:15 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame E682 34 KB
14 KB 69ms
52ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 92ms
77ms Script
application/javascript 156.146.33.27
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.27 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 09 Mar 2023 16:07:15 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 39759
x-77-nzt: AZySIRkPd+T/T5sAAA
pragma: public
x-accel-expires: @1678424676
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: cf878727e141583433040a64cd698e37
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 10 Mar 2023 05:04:36 GMT

GET
H3 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ Frame 0364 35 KB
8 KB 50ms
50ms Stylesheet
text/css 142.251.39.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: bloggerfollowerss.blogspot.com
URL: https://bloggerfollowerss.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f9.1e100.net

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bloggerfollowerss.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7776
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 13:52:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 06 Mar 2024 23:04:44 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 0364 54 KB
21 KB 62ms
61ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: bloggerfollowerss.blogspot.com
URL: https://bloggerfollowerss.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

741320cbce78024402c32b398ee721a66d36185fd20d354abcae5c59f6b2a7db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bloggerfollowerss.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21023
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "a59c59362ca41c12"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:15 GMT

GET
H2

200

1330.png Show response
widgets.amung.us/small/13/ Frame 0364
Redirect Chain

https://whos.amung.us/swidget/26ri8qf50jwy
https://widgets.amung.us/small/13/1330.png

338 B
464 B

41ms
40ms

Script
image/png

104.22.74.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/small/13/1330.png
Requested by: Host: bloggerfollowerss.blogspot.com
URL: https://bloggerfollowerss.blogspot.com/
Protocol: H2
Server: 104.22.74.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08b383a8c3d5338770f8ace7a477fa42a2eeaddc21b2c7f76ca848963e89a8fb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bloggerfollowerss.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:17 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2010 09:48:30 GMT
server: cloudflare
age: 221761
etag: "4c14a96e-152"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a5491ee5f63bf49-WAW
content-length: 338
expires: Wed, 08 Mar 2023 02:31:16 GMT

Redirect headers

location: https://widgets.amung.us/small/13/1330.png
date: Thu, 09 Mar 2023 16:07:16 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a5491e9fb18bf49-WAW
content-type: text/html; charset=UTF-8

GET
H3 200 cookienotice.js Show response
bloggerfollowerss.blogspot.com/js/ Frame 0364 6 KB
2 KB 48ms
48ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bloggerfollowerss.blogspot.com/js/cookienotice.js

Requested by

Host: bloggerfollowerss.blogspot.com
URL: https://bloggerfollowerss.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bloggerfollowerss.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 12:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2026
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:52:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 10 Mar 2023 12:21:55 GMT

GET
H3 200 2934694217-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame 0364 154 KB
154 KB 49ms
48ms Script
text/javascript 142.251.39.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2934694217-widgets.js

Requested by

Host: bloggerfollowerss.blogspot.com
URL: https://bloggerfollowerss.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f9.1e100.net

Software

sffe /

Resource Hash

dca08c42d9f052af7080d028223adf089d6036d826dff8941fd4158f529d3a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bloggerfollowerss.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 02:02:52 GMT
x-content-type-options: nosniff
age: 309863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157231
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 01:49:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 05 Mar 2024 02:02:52 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 527ms
195ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=102851&f=3&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 16:07:16 GMT
server: nginx
x-iplb-request-id: B0435698:E71E_36264064:01BB_640A0434_58FADC4:24ECC
x-iplb-instance: 38437
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 97 KB
33 KB 439ms
113ms Script
application/javascript 2.16.186.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-26.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bba344a2df0d2edc455dd9da08e2362285f2fd395ccd4838d325ff7f74725bdb

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:07:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 33481
Expires: Thu, 09 Mar 2023 18:07:16 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 318ms
0ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:16 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 451568
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 152ms
61ms Script
application/javascript 104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:16 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 3441
cf-polished: origSize=62056
cf-bgj: minify
last-modified: Thu, 09 Mar 2023 15:09:55 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads4.pro
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 7a5491e72cd6bf35-WAW
access-control-allow-headers: *
expires: Thu, 09 Mar 2023 16:09:55 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 418ms
86ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:07:16 GMT
Last-Modified: Thu, 07 Oct 2021 11:26:48 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: B0435698:D830_91EFC133:01BB_640A0434_8563B420:14265
ETag: "615ed978-15ab"
X-IPLB-Instance: 29922
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame ADCC 0
0 385ms
68ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678378036233

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 384ms
68ms Script
application/javascript 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 14d84079758cedde0bb45369cb6f7e7d25cc3b287605e00d42805514fdd0b83c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:16 GMT
content-encoding: gzip
etag: "sCsI4IX19r4ykIX4lYSZTA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 16 Mar 2023 16:07:16 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12777/ 2 KB
2 KB 513ms
69ms Script
application/javascript 52.209.105.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12777/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.105.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-105-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 20cb4041bd17f3ff36a3f2eeb0dfacc5e3c2432949f4c02982ac566401e4c47c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:16 GMT
cache-control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 360ms
72ms Script
text/javascript 108.156.13.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.13.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-13-118.hel51.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 04:21:18 GMT
Via: 1.1 45ff2040e09b26d7b6a62f48718e1406.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: HEL51-P1
Age: 42384
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: bsJpdtZeD5zzfu9knM7yD2BaJiIzJ66cTh1l4BbsYXNbezlZkt7yWQ==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_35/build/dist/ 587 KB
185 KB 83ms
83ms Script
application/javascript 156.146.33.27
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.27 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 663193551.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 09 Mar 2023 16:07:16 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 39759
x-77-nzt: AZySIRmMvKn/T5sAAA
pragma: public
x-accel-expires: @1678424677
last-modified: Mon, 06 Feb 2023 22:21:08 GMT
server: CDN77-Turbo
x-77-nzt-ray: cf878727e141583434040a641dd9d311
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 10 Mar 2023 05:04:37 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6E80 20 KB
20 KB 112ms
88ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 15:30:25 GMT
x-content-type-options: nosniff
age: 520611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 15:30:25 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 227ms
51ms Script
application/javascript 13.32.110.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-121.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:06:35 GMT
content-encoding: gzip
via: 1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 49
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dCaQADHs2jwhkBdmWJQdXNgBAtfFfLpc7uN03XaHqjVnwX1F7_xtOQ==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/ Frame B53C 180 KB
60 KB 59ms
58ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

24680041a592b865b4661bf2bdb69e95040dfb4f77601e7293a367cd3d340105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.shareron.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 22:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61004
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 22:10:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B53C 47 B
67 B 54ms
53ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.shareron.xyz
URL: https://www.shareron.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.shareron.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:41:02 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 66ms
66ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=102851&f=3&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 16:07:17 GMT
server: nginx
x-iplb-request-id: B0435698:E71E_36264064:01BB_640A0434_58FADE4:24ECC
x-iplb-instance: 38437
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 211ms
128ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=102851&f=3&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=102851&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 16:07:17 GMT
server: nginx
x-iplb-request-id: B0435698:E71E_36264064:01BB_640A0435_58FAE26:24ECC
x-iplb-instance: 38437
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14802834704667957059/ Frame E682 2 KB
2 KB 57ms
55ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14802834704667957059/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

94043d12a98e2604aa2e2462694de3c33213f8ef68d11a58808002226d18e79b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 21:23:34 GMT
x-content-type-options: nosniff
age: 67423
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1967
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 05:32:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 21:23:34 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 72ms
58ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L8WX1W8V3Q&gtm=45je3360&_p=1389963142&cid=368167936.1678378032&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1678378031&sct=1&seg=0&dl=https%3A%2F%2Fwww.midianewstop.com.br%2F&dt=MidiaNewstop%20%C3%A9%20um%20site%20dedicado%20a%20noticiar%20as%20novidades%20sobre%20os%20servi%C3%A7os%20de%20streaming&en=scroll&epn.percent_scrolled=90&_et=20
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L8WX1W8V3Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:07:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.midianewstop.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7220 36 KB
14 KB 43ms
43ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 14:21:52 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/ Frame 0364 180 KB
60 KB 54ms
53ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

24680041a592b865b4661bf2bdb69e95040dfb4f77601e7293a367cd3d340105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bloggerfollowerss.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 22:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61004
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 22:10:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0364 47 B
67 B 72ms
72ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: bloggerfollowerss.blogspot.com
URL: https://bloggerfollowerss.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://bloggerfollowerss.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:41:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D0B4 8 KB
895 B 73ms
72ms Stylesheet
text/css 142.251.39.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Mar 2023 16:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 14:56:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Mar 2023 16:07:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame D0B4 2 KB
765 B 56ms
55ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame D0B4 22 KB
9 KB 52ms
52ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 10:51:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame D0B4 3 KB
1 KB 51ms
51ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 14:26:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame D0B4 20 KB
8 KB 68ms
57ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:49:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D0B4 158 KB
49 KB 107ms
95ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:17 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame D0B4 34 KB
14 KB 59ms
53ms Script
text/javascript 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 17:07:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E682 0
0 130ms
124ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdOp2MAQKZNjOOcLh7gPPgZ7wD_7oyb1stNey-9QPmKvT_8UiEAEgj9rbkQFg6eTJhdgaoAH4o7-ZAsgBAakCROTE8dVKjj6oAwGqBJ0CT9BB8WvxEqeMLsoixfd6AH12sD7dGyJX7lpo9RnfWbW-F-4Rh6-FBHua7QVYys5fp2V0Ba5AcoPYJiD7TcBzeCmcBWhXogttdMV26cHmZk6kxfdBrqPgj_jU-gD8qYKk2ejiWVrgP4CW6vlsgcGcgnWlAFFjU6bQ852eRNrTNGJiu6q42CJIwwVyuIVDLbt5wELb_BPh9MFGGUeOEm0n_Eg6FqL5_N8fmZTvzQPLVMskA8JB-J5V0dJhT7iS9t1y8jpk_6EofHrbo0BBhJylDJBmgyQ12vxPdWKW1hSSUIbkbHwnzmEQUtP3jodsFZF3dNoelw0XTWHrvlGqw4V4J9f-wYo_IniqYjiR_X8ZIu1O8t13Z8Y1b3hT4xHiwASE-aSN_gOSBQQIBBgBkgUECAUYBIAH8NvA5gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD1jwHSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi00MTI5Njk1Mjk3NjI0NzE1GAA&sigh=TKubqIEounc&uach_m=[UACH]&cid=CAQSGwDUE5ymAUvmXvxUMm9z591y66dA6ZuAwZG-yBgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 16:07:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39CA 143 B
166 B 67ms
62ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 1219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 15:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 232ms
57ms Script
application/javascript 13.32.110.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-98.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:07:50 GMT
content-encoding: gzip
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 3568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: ySraEQvfT8aUJDC9TUk4wC7jSV-Ywoc0FV6RNo_L0EXB3YUUYf5xnw==

GET
DATA 200
OK truncated
/ Frame E682 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0247b5224da8e3a6d08994e023716ee856e0c78c7631430413a857746102ee13

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 86ms
85ms Script
text/javascript 142.250.201.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f10.1e100.net

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 17:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:35:27 GMT

GET
H2 200 / Show response
spl.zeotap.com/ 429 B
655 B 55ms
55ms XHR
text/html 104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9892ae4499103f94eef850c2a6551d624e4420c602b05415706c418923c71ec0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.midianewstop.com.br
access-control-allow-credentials: true
cf-ray: 7a5491f6ede4bf35-WAW
access-control-allow-headers: *

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E80 42 B
64 B 98ms
98ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvl3FqIhg7QFufyHi5mTTFaYikZ3iCEjTAwqQq_6BmJ_O2H83Ba3urk8VvOWibCnivr9d6JQyA7KqZmsqdzkSJePGFoamoY2EuHd5GoWqbk33EXP-ngDaZ8Gf6k5ARC0d9WQJ0mYA&sai=AMfl-YTtlo3hWrISvvEHAsRy9e0Vi7q1i07cHoc-9n_woBjsUYFht_F5dg9A9gTAlxrD3hZEuLbkWCsEEdWN&sig=Cg0ArKJSzNuEY4PWE0HAEAE&cid=CAQSGwDUE5ymuv81E-3GLfFLnJdwOpnzQY-sgqojNBgB&id=lidar2&mcvt=1948&p=0,0,280,1078&mtos=1948,1948,1948,1948,1948&tos=1948,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2338157369&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678378033035&rpt=4032&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:07:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 33EE 7 KB
3 KB 755ms
755ms Document
text/html 142.251.39.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=9003510625708172462&blogName=blog&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.shareron.xyz/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.shareron.xyz/&vt=-1453047885714763780&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.pl.gQ1LfBzlfX8.O%2Fd%3D1%2Frs%3DAHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f9.1e100.net

Software

GSE /

Resource Hash

b080f5a29495cbbedd7ff0136b9218363af56069d55c118aef29e4db40155dc4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shareron.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2611
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:07:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
47 KB 55ms
55ms Script
text/javascript 13.32.110.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-121.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:16:43 GMT
content-encoding: gzip
via: 1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 56601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: ySJ564LddYe422ZyM2Cai9UchDQLZpAY0QYPk3IPdmhaiLqz2N-PNw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 906ms
48ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

53cc7af610a62742b523f49f2956d5993c7a91be839655c30de12ff918896d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:20 GMT
content-md5: GoWxOwhV/0E8EWTRMnrTQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: OI5v8EYgGbGw3Y+8DmXL+HNTU3KuhUiOjo3mYdyHUGpHOmasVGqO61F4M47gL9OeCKQh7DkmGZ2SjdKuZmi1bw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: bd60672d92b6860cad724a3fe7616436
cross-origin-opener-policy: same-origin-allow-popups
etag: "31aac9ea3460517308a28534ab77ce1a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:13:36 GMT

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 4B59 7 KB
3 KB 191ms
169ms Document
text/html 142.251.39.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=9050181614662338786&blogName=Blogger&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://bloggerfollowerss.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://bloggerfollowerss.blogspot.com/&vt=5421300568484352217&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.pl.gQ1LfBzlfX8.O%2Fd%3D1%2Frs%3DAHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ%2Fm%3D__features__

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f9.1e100.net

Software

GSE /

Resource Hash

2d4e3edd0808eefbe1ac5d8b7e19dc46bd4fe7689b5e8824258e6d979e97b0c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloggerfollowerss.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2636
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:07:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
54ms

Document
text/html

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:07:25 GMT
expires: Thu, 09 Mar 2023 16:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:07:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f36a7693-7f8d-49d0-7b66-c6a2c00b29ef&reqId=468f8567-5202-47f0-7bc7-34c57e0bf56b&...
https://mwzeom.zeotap.com/mw?google_gid=CAESEPP5aSuJrsnpGg_hKw9P2cA&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f36a7693-7f8d-49d0-7b66-c6a2c00b29ef&reqId=468f8567-5202-47f0-7bc...

95 B
186 B

90ms
78ms

Image
image/png

104.22.25.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEPP5aSuJrsnpGg_hKw9P2cA&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f36a7693-7f8d-49d0-7b66-c6a2c00b29ef&reqId=468f8567-5202-47f0-7bc7-34c57e0bf56b&zdid=1258
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Server: 104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.midianewstop.com.br
access-control-allow-credentials: true
cf-ray: 7a54921edb7fbf35-WAW
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:07:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEPP5aSuJrsnpGg_hKw9P2cA&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f36a7693-7f8d-49d0-7b66-c6a2c00b29ef&reqId=468f8567-5202-47f0-7bc7-34c57e0bf56b&zdid=1258
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 165ms
49ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 09 Mar 2023 16:07:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5C6 436 B
234 B 254ms
248ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

59556aff719e77f359b10859e20c241c8b232214f838fa6688d2bb3dbca82b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default Show response
www.midianewstop.com.br/feeds/posts/ 66 KB
12 KB 488ms
481ms XHR
text/javascript 142.250.185.243
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.midianewstop.com.br/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery1124007647544195449063_1678378038170&_=1678378038171

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.243 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f19.1e100.net

Software

blogger-renderd /

Resource Hash

085ddd412d067afef279c75b3bbbb02c6c4c7f6419ddd6da5a666fb4ba5eefe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.midianewstop.com.br/
X-Requested-With: XMLHttpRequest
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Mar 2023 17:33:36 GMT
server: blogger-renderd
etag: W/"c56420bcc7547c5d119ae466a095af55a94565ea0ad23af0b5e19353f3659b69"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 11802
x-xss-protection: 0
expires: Thu, 09 Mar 2023 16:07:26 GMT

GET
H2 200 AHs97-mxpiw_4bLpCEH_BlgGJts2P51XVxR-r-aikDt4a2jtHN1qdqxBbRd0CZYcy3KkOijY7Fr57O6B-p1zDP6XV8gipkh_9WLEycn7xrrPFjThdRqwcx34Jw=w200-h130-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 7 KB
7 KB 65ms
64ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mxpiw_4bLpCEH_BlgGJts2P51XVxR-r-aikDt4a2jtHN1qdqxBbRd0CZYcy3KkOijY7Fr57O6B-p1zDP6XV8gipkh_9WLEycn7xrrPFjThdRqwcx34Jw=w200-h130-p-k-no-nu

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

a5f4866d177bda18188b1b7e8f2b5613b28d821052de499a0110707f240fc8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:25 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7145
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:25 GMT

GET
H2 200 AHs97-kApH0LQdLd1krIBj44yf8b_88KeBPhzszAiQGqyQinlCFpTKsTWeqIwQooaQ-nulxicNdhOjV8ahqy4DO1MPFsJzGbSwQ27J6ns_0amYg7dROJS0qRF23F0T6CTKFUeELK16cxxA=w200-h130-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 5 KB
5 KB 72ms
69ms Image
image/png 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

849c05db56b3a45045003b8b4085590538b7e685a564981ff618f66b6a04de04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:25 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4755
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:25 GMT

GET
H2 200 Captura%20de%20tela%202023-03-05%20135741.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCYFM5DcvDnWiuM4rCGcqWnwxAjZ2V1O6eCXpEw4o4yKdibguz--MjNKlcMw6xwkybCJ2xejOxfhSn1-ZfHPhUoJl1UXcCpMgvYnoRXyFrwKyfgA2P8m1Ky7g7MLo4QGCK52tXalZSPI-gAUOJ... 41 KB
41 KB 487ms
485ms Image
image/png 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCYFM5DcvDnWiuM4rCGcqWnwxAjZ2V1O6eCXpEw4o4yKdibguz--MjNKlcMw6xwkybCJ2xejOxfhSn1-ZfHPhUoJl1UXcCpMgvYnoRXyFrwKyfgA2P8m1Ky7g7MLo4QGCK52tXalZSPI-gAUOJw11xZNRqLtt9siQf3a_BrJe2J5EPtp2VY9rUD_Ym/w200-h130-p-k-no-nu/Captura%20de%20tela%202023-03-05%20135741.png

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

455747d80e085325fa17de57345442abda395bdd7afbfd553b4ceaf614fef762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v13f7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Captura de tela 2023-03-05 135741.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42382
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:25 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 33EE 54 KB
21 KB 52ms
52ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=9003510625708172462&blogName=blog&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.shareron.xyz/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.shareron.xyz/&vt=-1453047885714763780&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.pl.gQ1LfBzlfX8.O%2Fd%3D1%2Frs%3DAHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

14eac77f85d3bc8f64f3456e4e909822fca29038dd326a0578fe59bdc013f3b3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21035
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f73a3a875caee5f6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:25 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 4B59 54 KB
21 KB 63ms
63ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=9050181614662338786&blogName=Blogger&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://bloggerfollowerss.blogspot.com/search&blogLocale=pt_BR&v=2&homepageUrl=https://bloggerfollowerss.blogspot.com/&vt=5421300568484352217&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.pl.gQ1LfBzlfX8.O%2Fd%3D1%2Frs%3DAHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

14eac77f85d3bc8f64f3456e4e909822fca29038dd326a0578fe59bdc013f3b3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21035
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f73a3a875caee5f6"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 16:07:25 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
534 B 301ms
67ms XHR
application/x-javascript 52.214.64.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.64.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-64-2.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.midianewstop.com.br/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 16:07:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Mar 2023 16:07:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.midianewstop.com.br
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 185ms
60ms XHR
application/json 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-62.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aabaf8b1092cf0bc20fe1f9ac2add483fecb6e7561cb5f9161c1b17ed83d28ac

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.midianewstop.com.br/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:00:36 GMT
x-amz-version-id: uRgkyVnCszgWxLOEMMXOPZ0LpGeod8MZ
content-encoding: gzip
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 47210
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 28 Feb 2023 19:55:44 GMT
server: AmazonS3
etag: W/"827ab5dd7888f65fa2e62721058d39d0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: YR-Ei-MyynNrjNX8nX6ayy8J1C-eAEXBpl_D6d1vQ_rp048YqVjFBg==

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B2D 36 KB
14 KB 44ms
43ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 14:21:52 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 102ms
50ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8ab4da98eaa1b2ab0f5ba14cf8381276

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

beec12581311822abaefe0c1af664e5969b40883a0eeb5ccde223a5170daaf8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.midianewstop.com.br/
Origin: https://www.midianewstop.com.br
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:25 GMT
content-md5: V3fUUPF31lToVpYUF5imLw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87098
x-fb-rlafr: 0
x-fb-debug: d6Qpd6P7V+oM2E93f53kjCZdbnbcGBQQYMjcQk3rlMyiSNoKEqzv4cxelZhLwAV4ra4GCuMMLWK+qJbc9xEIBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 149764d8ec8e892631d03fe0dadec1a9
cross-origin-opener-policy: same-origin-allow-popups
etag: "7ba5cb1aeed01684caf09fdc3b498e37"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 12:21:27 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/ Frame 33EE 133 KB
45 KB 45ms
44ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

d87f5cfa66246ad01156ba11239fa5ec3be55d9124f5390f1f85bc7d666de69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 15:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45616
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 15:27:44 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/ Frame 4B59 133 KB
45 KB 62ms
62ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.pl.gQ1LfBzlfX8.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gbppJlMZVmFtRqtlzYOBdG2XvhQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

d87f5cfa66246ad01156ba11239fa5ec3be55d9124f5390f1f85bc7d666de69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 15:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45616
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 15:27:44 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/42/ 230 KB
56 KB 49ms
48ms Script
text/javascript 13.32.110.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-121.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 23:40:38 GMT
content-encoding: br
via: 1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 145608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
server: AmazonS3
etag: W/"24932b3e61742029985961c24d35dbb7"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: aYLLxYqF-iPSVyuxqUJiQFKd2kPK8uiiALLALWTMvF4m8tDYpFs5jw==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 350 KB
43 KB 188ms
57ms XHR
application/json 13.32.110.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-121.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba076d2ac4bfa825e852b9c8df5b6f5616d2c8ed887c5c3914934214a601f684

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:00:36 GMT
content-encoding: br
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 47210
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 09 Mar 2023 03:00:33 GMT
server: AmazonS3
etag: W/"e60035726c3f630058b67c9c3a398b8a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: nbaMyvbvGeDVAMsg3Ejl8nW7O4kR0FvZhpFYjXgc7YZhlRIEvczRvQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
36 KB 228ms
107ms XHR
application/json 13.32.110.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-121.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.midianewstop.com.br/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 03:00:28 GMT
content-encoding: br
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 47218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 09 Mar 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 1dA-9F68KlABjcVHNm6UTDBZaHM99rB65JgUzHosRxar0DxhE5E-4g==

GET
H2 200 20482.jpg
cdn.phonemore.com/content/2023/jpg/ 63 KB
63 KB 621ms
267ms Image
image/jpeg 54.39.50.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.phonemore.com/content/2023/jpg/20482.jpg

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.39.50.44 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns558490.ip-54-39-50.net

Software

PhoneMore Group /

Resource Hash

bac43e45c5e565a3df3e9d7da7cd1870c28663fb7635184786a10d9242945def

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .google.com .google-analytics.com .disqus.com disqus.com .disquscdn.com .addthis.com .gstatic.com .googlesyndication.com .doubleclick.net *.rlcdn.com
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: connect-src 'self' *.google.com *.google-analytics.com *.disqus.com disqus.com *.disquscdn.com *.addthis.com *.gstatic.com *.googlesyndication.com *.doubleclick.net *.rlcdn.com
strict-transport-security: max-age=31536000;includeSubDomains;preload
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:25 GMT
last-modified: Thu, 02 Mar 2023 13:37:48 GMT
server: PhoneMore Group
etag: "f3ca7e2dc4dd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private,public,max-age=2592000
accept-ranges: bytes
content-length: 64204
x-xss-protection: 1; mode=block

GET
H2 200 20481.jpg
cdn.phonemore.com/content/2023/jpg/ 59 KB
59 KB 790ms
437ms Image
image/jpeg 54.39.50.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.phonemore.com/content/2023/jpg/20481.jpg

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.39.50.44 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns558490.ip-54-39-50.net

Software

PhoneMore Group /

Resource Hash

66b2d0f0991537e9ab14b22a5153cd67216d330b7ae1271c098eb3e5cc82256f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .google.com .google-analytics.com .disqus.com disqus.com .disquscdn.com .addthis.com .gstatic.com .googlesyndication.com .doubleclick.net *.rlcdn.com
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: connect-src 'self' *.google.com *.google-analytics.com *.disqus.com disqus.com *.disquscdn.com *.addthis.com *.gstatic.com *.googlesyndication.com *.doubleclick.net *.rlcdn.com
strict-transport-security: max-age=31536000;includeSubDomains;preload
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:07:25 GMT
last-modified: Thu, 02 Mar 2023 13:37:45 GMT
server: PhoneMore Group
etag: "f072a42bc4dd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private,public,max-age=2592000
accept-ranges: bytes
content-length: 60054
x-xss-protection: 1; mode=block

GET
H2 200 my-family-cinema.png
reclamacoes.net.br/wp-content/uploads/ 132 KB
133 KB 964ms
611ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reclamacoes.net.br/wp-content/uploads/my-family-cinema.png

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / portofacil.net

Resource Hash

ee12d0e8af1b47f15e0f3182d29707825bacc0c0f9037ae0cb73794cc99c8556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:26 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: portofacil.net
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135033
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 05 Jan 2023 01:27:18 GMT
server: cloudflare
etag: "63b62776-20f79"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2233TjnC3ukx0Vnpx5lf0%2BiCmUhYhgU8Qm1lmcZLwaZR%2BTEe1yVFE0mlafTwPIbqlVYRHLGpWzC%2BgEYqmtRbdKnZzunoFlOKHaP02fjvsNSRRXT6cjLW4t4%2BVBUPZ%2FPsyj%2BFQYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7a549223c917bf38-WAW
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Captura%20de%20tela%202023-03-05%20135741.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCYFM5DcvDnWiuM4rCGcqWnwxAjZ2V1O6eCXpEw4o4yKdibguz--MjNKlcMw6xwkybCJ2xejOxfhSn1-ZfHPhUoJl1UXcCpMgvYnoRXyFrwKyfgA2P8m1Ky7g7MLo4QGCK52tXalZSPI-gAUOJ... 74 KB
74 KB 791ms
788ms Image
image/png 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

423ba8271342561e439d900ab0bed5167151f46896e7a041c1afe2b59486ed21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v13f7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Captura de tela 2023-03-05 135741.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75913
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:26 GMT

GET
H2

200

/
multimax.club/
Redirect Chain

https://multicanais1.com/wp-content/uploads/2023/02/Leicester-X-Arsenal-249x140.jpg
https://multimax.club/

0
0

363ms
219ms

Image
text/html

188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multimax.club/
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Thu, 09 Mar 2023 16:07:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yIKb%2F%2F4fIP5rnQ%2Bq%2BvFrTK2np5%2BRcMYmaq4OLDpmdXHvnT176WbTevqd6Xmq9NlkYiRntXyPbYSpo40uqMcBmddLUyEvIOH9xfvkIoF7spCz87rdgoshEzFfOfahtlbzWvO"}],"group":"cf-nel","max_age":604800}
location: https://multimax.club
cache-control: max-age=3600
cf-ray: 7a5492222a73349e-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 17:07:25 GMT

GET
H2 200 Logotipo_PFC.png
images.uncyc.org/pt/f/f1/ 92 KB
93 KB 557ms
466ms Image
image/png 172.67.213.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.uncyc.org/pt/f/f1/Logotipo_PFC.png
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.213.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacdafddfd2dee05248afa84ebed85e1a9e944dd9a9eac6fb89afb160aace4a5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:26 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Jul 2017 14:30:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1712b-5536a9bc583a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yitGAcB5yozkOscI3Q0ZouxZS5I6a2dW9vJF5R63hyEH6Vh8lqX%2Foh4LmbeUCrDedoliBtHr6eI4iN%2Bb6P5Ts8XlcILpLKpoXRy1y%2Fi7kjbz%2FG%2F%2B72uuqKKl%2F15l4RsNLQp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a5492222a4e3bcf-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94507

GET
H2

200

/
multimax.club/
Redirect Chain

https://multicanais1.com/wp-content/uploads/2023/02/Empoli-X-Napoli-249x140.jpg
https://multimax.club/

0
0

395ms
252ms

Image
text/html

188.114.96.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multimax.club/
Requested by: Host: www.midianewstop.com.br
URL: https://www.midianewstop.com.br/
Protocol: H2
Server: 188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Thu, 09 Mar 2023 16:07:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC%2FMjItqBdEBnUoMSya8vUcS4s%2BieqLmwTR5Lq9cHLyQAn3%2B%2BiVlonsE22vp5%2FmBYVzvLVIZTSQMWHsifxDmJsAVy5Y%2F0tnU9T3dcU2wLNI8vBy1C3vHpiLqja7ox31Tdg%2BF"}],"group":"cf-nel","max_age":604800}
location: https://multimax.club
cache-control: max-age=3600
cf-ray: 7a5492222a75349e-WAW
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Mar 2023 17:07:25 GMT

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 197ms
53ms XHR
text/plain 52.57.98.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.midianewstop.com.br%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1678378045860%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-xaj84xhccx8kdrwm1c3w%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.98.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-98-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.midianewstop.com.br/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 09 Mar 2023 16:07:26 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E682 42 B
64 B 160ms
159ms Fetch
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshWsmSr1K7ckRlJsHZn6QH7qivxFwjIGx2aKilpD-g_CA00Tz_7k75EeA8TlJCTcgIsLdCjWZ-7dCJxY8XcRGamqxIZ5NH6v6kIvAWi-Jn9WzTz3LnibgUmNkLfPkE6y0CD8w_Ng&sai=AMfl-YS66AEvzA77xlQzxlWflcPGpGezHMWgyW8KDDD2XC-73sC7rJ_Noi0U_fN5EsxBD_P51-U_hL-Dit2K&sig=Cg0ArKJSzOV8sQIah5RCEAE&cid=CAQSGwDUE5ymAUvmXvxUMm9z591y66dA6ZuAwZG-yBgB&id=lidar2&mcvt=1009&p=0,0,124,1005&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678378034753&rpt=10059&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
91ms XHR
application/json 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

9c5bf2824e173d42f2372c9ce1a57ca6ded7abd959b7409bc9a94fafda87f4a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12553
x-xss-protection: 0

GET
H3 200 AHs97-mxpiw_4bLpCEH_BlgGJts2P51XVxR-r-aikDt4a2jtHN1qdqxBbRd0CZYcy3KkOijY7Fr57O6B-p1zDP6XV8gipkh_9WLEycn7xrrPFjThdRqwcx34Jw=w200-h130-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 7 KB
7 KB 43ms
43ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mxpiw_4bLpCEH_BlgGJts2P51XVxR-r-aikDt4a2jtHN1qdqxBbRd0CZYcy3KkOijY7Fr57O6B-p1zDP6XV8gipkh_9WLEycn7xrrPFjThdRqwcx34Jw=w200-h130-p-k-no-nu

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

a5f4866d177bda18188b1b7e8f2b5613b28d821052de499a0110707f240fc8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:25 GMT
x-content-type-options: nosniff
server: fife
age: 1
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7145
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:25 GMT

GET
H3 200 AHs97-kApH0LQdLd1krIBj44yf8b_88KeBPhzszAiQGqyQinlCFpTKsTWeqIwQooaQ-nulxicNdhOjV8ahqy4DO1MPFsJzGbSwQ27J6ns_0amYg7dROJS0qRF23F0T6CTKFUeELK16cxxA=w200-h130-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 5 KB
5 KB 43ms
43ms Image
image/png 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

849c05db56b3a45045003b8b4085590538b7e685a564981ff618f66b6a04de04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:25 GMT
x-content-type-options: nosniff
server: fife
age: 1
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4755
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:25 GMT

GET
H3 200 AHs97-l1XMrShCybhHabmqiWb-qpne8zOx5FOc1HcyB-194pelBkGOz4mcouK01PI54PHgtcGJsZpf0iOynnHHCULVgvLMNBNkjh5QhJwGdTNd1GCB04=w72-h72-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 3 KB
3 KB 45ms
44ms Image
image/jpeg 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-l1XMrShCybhHabmqiWb-qpne8zOx5FOc1HcyB-194pelBkGOz4mcouK01PI54PHgtcGJsZpf0iOynnHHCULVgvLMNBNkjh5QhJwGdTNd1GCB04=w72-h72-n-k-no-nu

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

b364816e91b00fe2ed07f3e26189a9420ce10ccd1ec6f89caf8a8077a8eafff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:11 GMT
x-content-type-options: nosniff
server: fife
age: 15
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3063
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:11 GMT

GET
H3 200 Captura%20de%20tela%202023-03-05%20135741.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCYFM5DcvDnWiuM4rCGcqWnwxAjZ2V1O6eCXpEw4o4yKdibguz--MjNKlcMw6xwkybCJ2xejOxfhSn1-ZfHPhUoJl1UXcCpMgvYnoRXyFrwKyfgA2P8m1Ky7g7MLo4QGCK52tXalZSPI-gAUOJ... 41 KB
41 KB 483ms
483ms Image
image/png 142.250.180.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCYFM5DcvDnWiuM4rCGcqWnwxAjZ2V1O6eCXpEw4o4yKdibguz--MjNKlcMw6xwkybCJ2xejOxfhSn1-ZfHPhUoJl1UXcCpMgvYnoRXyFrwKyfgA2P8m1Ky7g7MLo4QGCK52tXalZSPI-gAUOJw11xZNRqLtt9siQf3a_BrJe2J5EPtp2VY9rUD_Ym/w200-h130-p-k-no-nu/Captura%20de%20tela%202023-03-05%20135741.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f1.1e100.net

Software

fife /

Resource Hash

455747d80e085325fa17de57345442abda395bdd7afbfd553b4ceaf614fef762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v13f7"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Captura de tela 2023-03-05 135741.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42382
x-xss-protection: 0
expires: Fri, 10 Mar 2023 16:07:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
58ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:07:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF98 13 KB
5 KB 54ms
52ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 1503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 15:42:23 GMT
expires: Fri, 08 Mar 2024 15:42:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 33D5 783 B
968 B 61ms
58ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

9e4a2080dcf3c2eeb9d94d61d6b335b7c9693c69e1580f07b22052c2af8f900d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gifhS3RLsbbAQZH8nb2QNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.midianewstop.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-gifhS3RLsbbAQZH8nb2QNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:07:26 GMT
expires: Thu, 09 Mar 2023 16:07:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 33D5 0
0 79ms
78ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=2492693930526928&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame FF98 36 KB
14 KB 45ms
42ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 14:21:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF98 0
10 B 43ms
43ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OBzZaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:07:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=2492693930526928&bg=!ZGelZzPNAAbv3-2Ez987ADkAdvg8WvvEUWhHq04TbIs2oAqVFejn42Ci8uA5aHFpMmzh-qePC97Nlg845Q1mpGSv5TgQ_xLwJzACAAAPBVIAAAANaAEHCgDHeZfNWw900FDzqvgQr4Mx5MoETKsJ3PI21gpsp-0iUiAGvxAMFpKVVA6yG-D6jsBUD7EvPb476Ky-bjN6dhiTk7Z1QVi2ZbL37BTS-3duE2cUBq9c93fUA2rP3EqPzyChCldj7IRazArP62JXElPmShoTaWEBUzTA6UwwmYuO9VeBiWS6j5NynjFnasaDhC8czlSmO8u2ex508nBRf0waiGsFnISOgm5k_tIY7vZHyhwtKJyAUa1O-0kZQ6JWNGIVYh-iHppCq5kCrh2tDhDLExlMIYHnPaqOoUKEdIto5zGcvV0ckRgFhbRzF3VUAtAsgUASD9Kty-wpKfVwtSCurOT2AGKKZFGpxgYKD6CKZU198WJF6QY7L4Vn_DAz8hHU9F9Z7zSVo7Jec6r1YAmyuPnRJpkiyQ64kGMvBtNw8DMoEc9iNSQ2GIG1lnAuP26HxoAuYJ2jd3eyYfO9X3I42x75kpZUcRrB8Tz79IVUiCuSD5ojALyEzCzgNO3WT5hRiTvzhLXTsnhEs_YT2tn3Ooc7a7shHnmZ1OKh02mrv5XES6Oq209UuAQCV0BisVkkqF_e9-tvs7NWmcYigAIOp1b3AQIG0tD9dXOTyn0KWWeiysJ5CoFUI2oUtFsZkNNNSlW_k_jW1fHBQypLLFCN1M7Whmnp9K7vBYYK6n3M463H5SYTGkTOmrQ0IG1mknG0orUp5JtiyC1ZLH61rjdbjaKYserCtWhp1AMN5w6gCuUf_lwucsdWjUwORZ4Nae_CBfQL3HvXA0NAePu_Sntp4jOPOepDfmjo4OmE2kWC8pw6eV21SufoDBFDOeLpELH39Gm_F73E6PoHogYM3awLKmJtllQMr04b4cItWu6d_HE3sSdNRcqcSgboWvq_GpGsM83-KxRztei2I_e7JiL9F7JghRLO2tunYtWRjAqApnCuyLPQdqQJejF2lrVCPtZt2NL-iXwRheMhHJKJcz3d9VegyHbuDlNs3fJxgh4zu8XhShnH_1ev4SzbG-S-HHVYCR9JqiABHSbu-YW69aEJ665LEIfOnez-ZB60CyEi_DNEtnx7Gv3lBKPpPKzEF-LZyBA0zzJEC9rJ-rdO8tZuEUO7QMPIp2Y1eua03Js8ptuaRa3IoZm8esZsiy-3QlizpPaLNQ8x1YXDIBL13ONLWiRf98rRAEYJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s33-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.midianewstop.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.midianewstop.com.br/	1970-01-20 19:48:58	Name: _ga_L8WX1W8V3Q Value: GS1.1.1678378031.1.0.1678378031.0.0.0
.midianewstop.com.br/	1970-01-20 19:34:34	Name: __gads Value: ID=c44b3c73267047c6-22f4b6fa48dd00aa:T=1678378033:RT=1678378033:S=ALNI_MY4TmFK1uB8TRVnzOg3mwnyNxHATA
.midianewstop.com.br/	1970-01-20 19:34:34	Name: __gpi Value: UID=00000bc2b1bb7448:T=1678378033:RT=1678378033:S=ALNI_Ma0MUcd9_yoeQ74gCFPgBnZ4AyUfA
.midianewstop.com.br/	1970-01-20 19:48:58	Name: _ga Value: GA1.3.368167936.1678378032
.midianewstop.com.br/	1970-01-20 10:14:24	Name: _gid Value: GA1.3.675697215.1678378033
.midianewstop.com.br/	1970-01-20 10:12:58	Name: _gat_blogger Value: 1
.doubleclick.net/	1970-01-20 19:34:34	Name: IDE Value: AHWqTUkzRxZB2JzZ3ayIn_1yIH4c5V1gh0U1CkwesRuh6eJ0wiT7DSxtBz99uZkljj0
.zeotap.com/	1970-01-20 18:58:34	Name: zc Value: f36a7693-7f8d-49d0-7b66-c6a2c00b29ef
.zeotap.com/	1970-01-20 10:14:24	Name: zsc Value: %E9a%60%F1%C32%1E%CD%80z%5D%3E%E7%EE6U%D6%5D4%E9%DE%C0%A3%00%92lg%1C8qJ%00o%9Bg%1B%A7%E1%C5%7B%94s0%F9%C6%977%9D%94%17%1B%13%7F%E8t%C1%AC%7Fb%C9%7D2E%9C%1E%E9%EF%E0%A4%83f%EA%BA%E80%A4%DA%ADXq%C6k7
.id5-sync.com/	1970-01-20 10:12:58	Name: cf Value:
.id5-sync.com/	1970-01-20 10:12:58	Name: cip Value:
.id5-sync.com/	1970-01-20 10:12:58	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:12:58	Name: car Value:
.id5-sync.com/	1970-01-20 10:12:58	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:12:58	Name: callback Value:
.doubleclick.net/	1970-01-20 10:13:01	Name: DSID Value: NO_DATA

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mRO8-SllRbOCq7MYU0SSvvAVJ9RKYEsOja1hcgu7j12DobWUh1_v3dtq_IRcui8EJXAx6VlV-yf8x4WgC_SGEk7csvDm20GyC9_FXbatWoTbkDyY5FZgVMGKFzAOIa08-cSzGx_L7xzoITWa3XOkMvnYjfT5zivXX76AwblL9wgw=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-mHvy455AmVaVb2YaJStE7-eUzoNtmd36hIVfOH48VXmetB5JQ1ag9-sahXN3NDzmiHMCAGkEWeqDIppaNqo8NT5LL_MjlgBFPpW6rRAezwJxqdSnx-JGpQZPDxMzcA2Rbn1HJhxcNSF3AlYncc__QUM8eTtT1TXz7HMw=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-m3iSu5dGhFfRuelmj93xJRFDhXD3wAEPD-zwD4JBB7UMEVzkE_g3bdmZN1d6lHsQwNXuy6EV7vqZn6uD5i9zsMQrGnh12bl3xciIYP5urOJDnXnUateAXoGi5gWuugDXeXA4vUhRUnaN3hvb4bz9nbda6C_J9mTI0ghIk=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-kciKwgf_poG_WAHyLXN-F6A2jg4axxeUlEghM91z5TGGtS5u74s6i6aRrPzSrFf2D_0pm69LkMoBTDG4SbyuiWQWByHaWuXRufFR49Np4UIGeIE5soHzMEu05-jDiOWlSxosOwBE-i1hT_brk5NcA1ezDiIukyclnqB-rYpg=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-meKiQt3AbvZuU7Vk9xVu4YXCL3pM1TyLEvthV_HL8C2A-hykFUM1vDIdhMo_2q8mmvr2Abmm1cg0LP8LkfITinW7PW5x0xaEZ9bsbgZI-7WI16k95DvkYlqc6nCXVvtBO8GFT8AvtnDkcEIusLgAs_We7h9B4v=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-k8lk7MklqBRGS5jpPD0unW3vO2tX_ad9VOIVsnDq6jSr_1IuXeeZwzC6Rz5eE4e_D8I5zNQM8zwDOtF7NdWNMdMiFZe-aeYKScqu4gzcW4PoyWTLut7U2a2SgyriAm1vmiwth2fKG8eAB5xHIsxysO8ifOICJGTLs=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-lFvU6qLdF2qgeB3GYy5Nt046xasq31baT0Yp8B7jmVfIivxsvol3lSwBxNT59tXjrQANuq_jVw52w_NXqr3kTX4jHfpcnAs8VYbU9TfzQb6MigY4Y5cfh81gZT2gs0ntJJdD4mtP_WPfUvWxDRoa-SaQl3aH6QyNZH=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-lR6DWQCK-RV5TS9A5IrZ1i8yI1luAepzm95y4beMBxOKMNTu0cuVQtLi4BsbmmYtbwT0ExlVZfDuTUScg_Q6c81tlhDDZ3UDeFw0pHV2Rkuz52yDurcnWqyX-b2FZCfORnNGZn5dY_dIl_70-hQ-wX2izPCR1LXbCWm1YvtGkeSdR6jA=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-nKwp8rLou_cvz9YsGpFRNql7ixi1cz2X3UYtVlwYCTYVlFGDjrOfT6L9i454OX3_ZliCzuX6mUjEJj4VlHZ-ACv2KZmaN161H1qRhqlg_xSwZmvKzpNFd8lwMiHqR39xIgxFVogOYs2xG9-03_NU-5M_o=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-nBVMe6Hqefe2eE7VI63gehrDobxHzwXtvwS8QK_lu7dhPBqA_PqjJNCwzXzROhUcpJWnYHm7V_L0vAge2WJbmpl-xGNk2Oi60kkoF6v4IMXr5NhxN1JmvhYmjQ93Gv9VC3rGLWjPBjAke1Pm5j9pUI5WQ=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-nNDRy_Tzij6KTIpUN3ORi5O_DGswvjwzNcD3dxQRM6-Wi7qft12b_kMkEcKWopuMvzJdBVo_8JnjucYzmzUHMyBorD76RCmINlTg_ci_6CFWOUMqR4djTYZnloMeAG3ZUZHZP2r5bQffOg_9gEu3FzUt8sSgl3RdtQXMpKNw=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-kzrkBvIgIlkYda3y4hitBGlturPkP41CakNLVqWllSnJgrTDnlYTALE57BxE2fP0cy_sttBu0qfaxYUEp743LhofI_Q-ryELhtDLvDgq6xtx4zMYFJ1lvfeD4cteEvMoPU3exX_xRI-nfTn6yiU6Nz67m2SDmHw5ICnXs=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lh3.googleusercontent.com/blogger_img_proxy/AHs97-l7VhNTdA8AwIgmHOCJXOB2fw9YexoKxGdnbyANTPXEF43BsK8hrPNi-4EDTRJrGV5WTKqJ9-542nXKENVNyT_7XkDBgko0nBwwZPwiT3FUCr0gq0pV2DzsYMo-JDMfDwVDs4JX6NMmbO9zqewqrIM5KCK_rd9qRoRbs8j9=w72-h72-p-k-no-nu Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.shareron.xyz/(Line 833) Message: Refused to execute script from 'https://widgets.amung.us/small/13/1325.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://bloggerfollowerss.blogspot.com/(Line 687) Message: Refused to execute script from 'https://widgets.amung.us/small/13/1330.png' because its MIME type ('image/png') is not executable.
other	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js(Line 2) Message: Unrecognized feature: 'web-share'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-4129695297624715&fa=1&ifi=4&uci=a!4&btvi=1&xpc=cMLh1KjJUc&p=https%3A//www.midianewstop.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
ads.themoneytizer.com
adservice.google.com
adservice.google.pl
adtrack.adleadevent.com
ajax.googleapis.com
apis.google.com
audit-tcfv2.cmp.quantcast.com
blogger.googleusercontent.com
bloggerfollowerss.blogspot.com
bloggerfollowerss.blogspot.com.br
blogpager.com
c.tmyzer.com
cdn.phonemore.com
cdnjs.cloudflare.com
ced.sascdn.com
cm.g.doubleclick.net
cmp.quantcast.com
commentid.com
connect.facebook.net
d2zur9cc2gf1tx.cloudfront.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fontpis.blogspot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
images.uncyc.org
lh3.googleusercontent.com
multicanais1.com
multimax.club
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
reclamacoes.net.br
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
spl.zeotap.com
tag.leadplace.fr
test.cmp.quantcast.com
tpc.googlesyndication.com
whos.amung.us
widgets.amung.us
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.midianewstop.com.br
www.shareron.xyz
104.17.24.14
104.21.7.209
104.22.25.87
104.22.74.171
108.156.13.118
13.32.110.121
13.32.110.98
142.250.180.193
142.250.180.194
142.250.180.195
142.250.180.200
142.250.181.226
142.250.184.238
142.250.185.162
142.250.185.195
142.250.185.225
142.250.185.243
142.250.185.97
142.250.186.110
142.250.186.34
142.250.186.66
142.250.186.68
142.250.201.202
142.251.208.129
142.251.39.14
142.251.39.41
142.251.39.46
142.251.39.74
145.239.193.51
156.146.33.27
157.240.252.13
162.19.138.116
172.217.18.2
172.217.19.110
172.217.20.14
172.217.20.2
172.67.213.47
177.55.120.3
178.250.1.11
18.66.147.62
188.114.96.12
188.114.96.3
2.16.186.26
216.239.32.36
45.152.44.151
51.89.9.253
52.209.105.145
52.214.64.2
52.57.98.143
54.38.64.100
54.39.50.44
91.228.74.251
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0247b5224da8e3a6d08994e023716ee856e0c78c7631430413a857746102ee13
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0803fe007fad869e084745368c965e8d55f9be108559cfd8a3d802cde1fe34c1
085ddd412d067afef279c75b3bbbb02c6c4c7f6419ddd6da5a666fb4ba5eefe0
08b383a8c3d5338770f8ace7a477fa42a2eeaddc21b2c7f76ca848963e89a8fb
091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d
14d84079758cedde0bb45369cb6f7e7d25cc3b287605e00d42805514fdd0b83c
14eac77f85d3bc8f64f3456e4e909822fca29038dd326a0578fe59bdc013f3b3
1507cf1ff85ae30a9f9e9fec3b48b8fed07b9da628bcac4b7d53154d25b50914
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f5c053b7eb030997ea19d92e50e8b7e8e1c233a4967c6d24ceea1ce548b7abd
2083641ada4e983bb62d730fc66abaaea9a9d3a4d9b9324bda78307432434350
20cb4041bd17f3ff36a3f2eeb0dfacc5e3c2432949f4c02982ac566401e4c47c
22f800efa33daec2fb21f38c9508cb2c93fb937494ce10ebf72e2cbb90c19996
24680041a592b865b4661bf2bdb69e95040dfb4f77601e7293a367cd3d340105
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2817dbec718e61dfe238ec05ce014b0a7f8332726365e2764a2f9b364ec808c0
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2d4e3edd0808eefbe1ac5d8b7e19dc46bd4fe7689b5e8824258e6d979e97b0c5
3042297618a25583ad8acf5c3fa6224baa7b2db6b70c52cdda709313088444ec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
3d06c6b246ddba57df13b038e65d80c2e87421d1981775bdac75531184bb7446
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
423ba8271342561e439d900ab0bed5167151f46896e7a041c1afe2b59486ed21
440e807c1ab14274b7c5b49ec3fb674814dc3fdb6e04136d81906768aeaaf975
455747d80e085325fa17de57345442abda395bdd7afbfd553b4ceaf614fef762
4c410baa8f691ce9185546e1a789d0f4fe2d5b6aef3d83d48c81a53cf6be8530
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
53cc7af610a62742b523f49f2956d5993c7a91be839655c30de12ff918896d65
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
59556aff719e77f359b10859e20c241c8b232214f838fa6688d2bb3dbca82b6d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b29d62533528d6b05ebc9d8dcbb8d6a33d8b1d62ad10619abd161a2b7580f4b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66b2d0f0991537e9ab14b22a5153cd67216d330b7ae1271c098eb3e5cc82256f
69328a92488a6d5bc7b710ccd049ca0f9d13b7af05b450e89963c39e8882ce3f
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6d112a15e5ac3aa0877a2e06bbb4402b4ebe742bcf355555c46defa4da344a1a
706e1b444f5db1dff267ee831abedbf4a0e3857c9891fdcb43746514380ddb15
714d5a1730c3e569bd06f5fbe831f463e86dbcb6412c06281946aef58884d5df
741320cbce78024402c32b398ee721a66d36185fd20d354abcae5c59f6b2a7db
78de87463358555b2eaf99a7c79947a71a77c85fc8dad803df419c659eb82b6d
7a874b800727e0e847f38cde9fa69f26a057da612488e2befd940feef69e1838
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
849c05db56b3a45045003b8b4085590538b7e685a564981ff618f66b6a04de04
85adddf8b04a947f000872c064145ddd13125e63a024e720664bf184a7144ce9
8e6203015f55818aff51a75657ed6eaa170182cae6dda882e163ecd3a174685c
8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44
92bf2667e3434750097f9212feca904c5e7ac36d9155463d25d79f1415018219
94043d12a98e2604aa2e2462694de3c33213f8ef68d11a58808002226d18e79b
95e23bbcb1c881150cab5a1725158908b4c7f408e2a3fec61902a8e1abd11611
9892ae4499103f94eef850c2a6551d624e4420c602b05415706c418923c71ec0
9c5bf2824e173d42f2372c9ce1a57ca6ded7abd959b7409bc9a94fafda87f4a4
9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0
9e4a2080dcf3c2eeb9d94d61d6b335b7c9693c69e1580f07b22052c2af8f900d
9fbd7f414afceb15d7368a7688bc17265ea485f50e3563374fa073700a4ed27e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a113392c0f3057f514e9c40eed483e3845bf5c9482891ed88dc43751499fba3e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f4866d177bda18188b1b7e8f2b5613b28d821052de499a0110707f240fc8b0
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aabaf8b1092cf0bc20fe1f9ac2add483fecb6e7561cb5f9161c1b17ed83d28ac
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b080f5a29495cbbedd7ff0136b9218363af56069d55c118aef29e4db40155dc4
b0f41b0d05bdecb97352dae99f9054590e6304f77da7dbc0d501e4b7e7fa5981
b364816e91b00fe2ed07f3e26189a9420ce10ccd1ec6f89caf8a8077a8eafff2
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
ba076d2ac4bfa825e852b9c8df5b6f5616d2c8ed887c5c3914934214a601f684
bac43e45c5e565a3df3e9d7da7cd1870c28663fb7635184786a10d9242945def
bba344a2df0d2edc455dd9da08e2362285f2fd395ccd4838d325ff7f74725bdb
beec12581311822abaefe0c1af664e5969b40883a0eeb5ccde223a5170daaf8a
bf50246ee662ae5fc57d553de6a0e576e3ac820444d574f30d895881bfc4acbf
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c90858e0d23c9c550f938c67f613c14068fad38713df9379cb1dc1be831815a8
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca0b35aa0f48d8359e7fce9feec83f90ed60c0b857cdf29784f0803b70de4e55
cb5fc5a5809eede004a8f28f5c3bc1e192d97d357446498fa7d2f3077b96fad8
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce0b46a856a68d33e90a64f93e6e50b4d7120dd1e1c8bc510e7021379257930a
d0f27b7a8cdcf93ce9173bfbfd8514cff25debf12e3ceca3a754c8e3a9d5b5e4
d87f5cfa66246ad01156ba11239fa5ec3be55d9124f5390f1f85bc7d666de69b
dac8d8f2ff822500a26e71934e81e5bfb8729134e167264b0d07133596ac85ae
dacdafddfd2dee05248afa84ebed85e1a9e944dd9a9eac6fb89afb160aace4a5
dca08c42d9f052af7080d028223adf089d6036d826dff8941fd4158f529d3a50
df4e725585a7d5794985fa58fc90d66b82344c9092dedb02cd3945b91c6a5e0b
e306a9a93006286083e6aede3a1246be61bdc5cc6b69a77d2bc628cb105956f8
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
ebaaf1e048c274c44d7c2b662b4cd5cfda8b573cbd2b6f7c77aa3c1666f4ebc0
ee12d0e8af1b47f15e0f3182d29707825bacc0c0f9037ae0cb73794cc99c8556
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10cabcd9b65403d24ae7f8228225656e8c02168d817d319b31034ead933f17a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb75fa1260e33776a9ec0e75be5afe8d2228008e81f5b20fae6d92ace230bf7f

www.midianewstop.com.br Open in urlscan Pro 142.250.185.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

95 %HTTPS

0 %IPv6

40 Domains

59 Subdomains

49 IPs

9 Countries

3754 kBTransfer

8023 kBSize

16 Cookies

5 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.midianewstop.com.br Open in urlscan Pro
142.250.185.243 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

95 %
HTTPS

0 %
IPv6

40
Domains

59
Subdomains

49
IPs

9
Countries

3754 kB
Transfer

8023 kB
Size

16
Cookies

176 HTTP transactions
2 data transactions