diariodonordeste.verdesmares.com.br Open in urlscan Pro
170.82.174.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://diariodonordeste.verdesmares.com.br/
Effective URL:
https://diariodonordeste.verdesmares.com.br/
Submission: On January 06 via api (January 6th 2024, 10:02:52 am UTC) from US — Scanned from DE

Summary HTTP 514 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 67 IPs in 8 countries across 54 domains to perform 514 HTTP transactions. The main IP is 170.82.174.15, located in São Paulo, Brazil and belongs to 3L CLOUD INTERNET SERVICES LTDA - EPP, BR. The main domain is diariodonordeste.verdesmares.com.br. The Cisco Umbrella rank of the primary domain is 908225.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 19th 2023. Valid for: a year.

This is the only time diariodonordeste.verdesmares.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 71	170.82.174.15 170.82.174.15	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:1ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
15	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:325a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 3	65.9.95.111 65.9.95.111	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 15	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	162.19.96.35 162.19.96.35	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3034::ac43:9a96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	65.9.90.93 65.9.90.93	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:e180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.3 65.9.95.3	16509 (AMAZON-02) (AMAZON-02)
4	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	2606:4700:440... 2606:4700:4400::6812:24ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.95.18 65.9.95.18	16509 (AMAZON-02) (AMAZON-02)
47	2606:4700:440... 2606:4700:4400::ac40:934d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.97.248 65.9.97.248	16509 (AMAZON-02) (AMAZON-02)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1 2	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:1::... 2606:4700:1::6813:834c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 35	2606:4700:440... 2606:4700:4400::6812:28b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.127.187.60 3.127.187.60	16509 (AMAZON-02) (AMAZON-02)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 4	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	2606:4700:303... 2606:4700:3033::ac43:9fa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	91.134.110.133 91.134.110.133	16276 (OVH) (OVH)
1 1	34.248.85.3 34.248.85.3	16509 (AMAZON-02) (AMAZON-02)
1	95.100.81.28 95.100.81.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.214.3.70 52.214.3.70	16509 (AMAZON-02) (AMAZON-02)
2 2	54.246.204.16 54.246.204.16	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	5.196.111.72 5.196.111.72	16276 (OVH) (OVH)
514	67

71 170.82.174.15 (São Paulo, Brazil) 1 redirects

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

diariodonordeste.verdesmares.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:1e8 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:1ab (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nr-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.111 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.198 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.96.35 (France)

ASN16276 (OVH, FR)
PTR: haproxy03.cl13.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ecfd3cce6a211990d3c24c85f61b6032.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:9a96 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pravatar.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a15 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::ac40:919c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sender.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:e180 (United States)

ASN13335 (CLOUDFLARENET, US)

id.navegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-3.prg50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:4400::6812:24ac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

promos.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-18.prg50.r.cloudfront.net

dd.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700:4400::ac40:934d (United States)

ASN13335 (CLOUDFLARENET, US)

landingpages.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-248.prg50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

12738953.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.234 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:834c (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:4400::6812:28b3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

visuals.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.187.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-187-60.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)

experiences.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.134.110.133 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip133.ip-91-134-110.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.85.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-85-3.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.81.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-81-28.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.3.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.204.16 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-204-16.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.196.111.72 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip72.ip-5-196-111.eu

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	kaizengaming.com 1 redirects landingpages.kaizengaming.com — Cisco Umbrella Rank: 119937 visuals.kaizengaming.com — Cisco Umbrella Rank: 122611	1 MB
71	verdesmares.com.br 1 redirects diariodonordeste.verdesmares.com.br — Cisco Umbrella Rank: 908225	2 MB
50	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	6 MB
40	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1255 c2.taboola.com — Cisco Umbrella Rank: 12960 pm-widget.taboola.com — Cisco Umbrella Rank: 3998 nr-events.taboola.com — Cisco Umbrella Rank: 16493 trc.taboola.com — Cisco Umbrella Rank: 960 am-trc-events.taboola.com — Cisco Umbrella Rank: 11740 images.taboola.com — Cisco Umbrella Rank: 1897	1 MB
40	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 static.doubleclick.net — Cisco Umbrella Rank: 371 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 12738953.fls.doubleclick.net Failed	273 KB
25	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 115	241 KB
24	gstatic.com fonts.gstatic.com www.gstatic.com	281 KB
19	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6 play.google.com Failed adservice.google.com — Cisco Umbrella Rank: 189	119 KB
17	googlesyndication.com ecfd3cce6a211990d3c24c85f61b6032.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185 pagead2.googlesyndication.com — Cisco Umbrella Rank: 140	407 KB
16	betano.de 1 redirects promos.betano.de dd.betano.de — Cisco Umbrella Rank: 629768	263 KB
15	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 45211 usr.navdmp.com — Cisco Umbrella Rank: 50426 cdn.navdmp.com — Cisco Umbrella Rank: 33736 sync2.navdmp.com — Cisco Umbrella Rank: 78647 sync.navdmp.com — Cisco Umbrella Rank: 41196	8 KB
8	cleverwebserver.com 1 redirects scripts.cleverwebserver.com — Cisco Umbrella Rank: 23894 ui.cleverwebserver.com — Cisco Umbrella Rank: 25820 sender.cleverwebserver.com — Cisco Umbrella Rank: 41996 lp.cleverwebserver.com — Cisco Umbrella Rank: 46994 call.cleverwebserver.com — Cisco Umbrella Rank: 27322	95 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 w.clarity.ms — Cisco Umbrella Rank: 12725 c.clarity.ms — Cisco Umbrella Rank: 2579	28 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	642 KB
6	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 7751 track.adform.net — Cisco Umbrella Rank: 4333	35 KB
6	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 193	15 KB
6	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	177 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4002	817 B
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	136 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1096 tr6.snapchat.com — Cisco Umbrella Rank: 1403	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	42 KB
5	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	102 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 692 c.bing.com — Cisco Umbrella Rank: 539	14 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	177 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	173 KB
3	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167 sync.smartadserver.com — Cisco Umbrella Rank: 2055	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925	74 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 274	3 KB
3	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 160214	74 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 793	2 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	611 B
2	smartclip.net 2 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 7187	700 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1674 at.teads.tv — Cisco Umbrella Rank: 5198	4 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 11503	5 KB
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 39255	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	129 KB
2	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 404064	143 KB
2	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7834	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	381 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
2	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 10258 experiences.mrf.io — Cisco Umbrella Rank: 12895	46 KB
2	goadopt.io tag.goadopt.io — Cisco Umbrella Rank: 224091 disclaimer-api.goadopt.io — Cisco Umbrella Rank: 231700	106 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	149 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173	338 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	218 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1419	205 B
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 6379	408 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1399	18 KB
1	navegg.com id.navegg.com — Cisco Umbrella Rank: 413337	303 B
1	pravatar.cc i.pravatar.cc — Cisco Umbrella Rank: 637740	6 KB
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 3160	623 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 597	288 B
514	54

	Domain	Requested by
71	diariodonordeste.verdesmares.com.br	1 redirects diariodonordeste.verdesmares.com.br cdn.pn.vg
50	www.youtube.com	diariodonordeste.verdesmares.com.br www.youtube.com www.googletagmanager.com
47	landingpages.kaizengaming.com	code.jquery.com landingpages.kaizengaming.com promos.betano.de
35	visuals.kaizengaming.com	1 redirects code.jquery.com visuals.kaizengaming.com
24	jnn-pa.googleapis.com	www.youtube.com
16	images.taboola.com	diariodonordeste.verdesmares.com.br
15	promos.betano.de	1 redirects lp.cleverwebserver.com promos.betano.de code.jquery.com
15	www.google.com	3 redirects diariodonordeste.verdesmares.com.br www.youtube.com securepubads.g.doubleclick.net promos.betano.de tpc.googlesyndication.com
15	securepubads.g.doubleclick.net	diariodonordeste.verdesmares.com.br securepubads.g.doubleclick.net tags.premiumads.com.br www.googletagservices.com
12	www.gstatic.com	www.youtube.com www.gstatic.com
12	fonts.gstatic.com	www.youtube.com
12	googleads.g.doubleclick.net	3 redirects www.googletagmanager.com www.youtube.com diariodonordeste.verdesmares.com.br
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net diariodonordeste.verdesmares.com.br cdn.ampproject.org tpc.googlesyndication.com
8	am-trc-events.taboola.com	diariodonordeste.verdesmares.com.br
8	www.googletagmanager.com	diariodonordeste.verdesmares.com.br www.googletagmanager.com tags.premiumads.com.br promos.betano.de
8	cdn.taboola.com	diariodonordeste.verdesmares.com.br cdn.taboola.com
7	sync.navdmp.com	diariodonordeste.verdesmares.com.br
6	yt3.ggpht.com	www.youtube.com
6	i.ytimg.com	www.youtube.com
6	static.doubleclick.net	www.youtube.com
6	www.google.de	diariodonordeste.verdesmares.com.br www.googletagmanager.com promos.betano.de
6	cdn.ampproject.org	diariodonordeste.verdesmares.com.br securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	code.jquery.com	diariodonordeste.verdesmares.com.br promos.betano.de
4	track.adform.net	2 redirects promos.betano.de
4	tr.snapchat.com	sc-static.net promos.betano.de
4	12738953.fls.doubleclick.net	www.googletagmanager.com
4	w.clarity.ms	www.clarity.ms
4	lp.cleverwebserver.com	diariodonordeste.verdesmares.com.br lp.cleverwebserver.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net diariodonordeste.verdesmares.com.br
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.jsdelivr.net	diariodonordeste.verdesmares.com.br cdn.jsdelivr.net promos.betano.de
3	bat.bing.com	diariodonordeste.verdesmares.com.br bat.bing.com promos.betano.de
3	trc.taboola.com	cdn.taboola.com tag.navdmp.com
3	sb.scorecardresearch.com	1 redirects diariodonordeste.verdesmares.com.br
3	tag.navdmp.com	diariodonordeste.verdesmares.com.br tag.navdmp.com
3	cdn.pn.vg	diariodonordeste.verdesmares.com.br cdn.pn.vg
2	sync.smartadserver.com	1 redirects
2	secure.adnxs.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.sxp.smartclip.net	2 redirects
2	c.clarity.ms	1 redirects
2	adservice.google.com	12738953.fls.doubleclick.net
2	a.mgid.com	diariodonordeste.verdesmares.com.br promos.betano.de
2	s2.adform.net	1 redirects www.googletagmanager.com
2	gml-grp.com	2 redirects
2	c.amazon-adsystem.com	tags.premiumads.com.br c.amazon-adsystem.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	tags.premiumads.com.br	www.googletagmanager.com tags.premiumads.com.br
2	www.clarity.ms	diariodonordeste.verdesmares.com.br www.clarity.ms
2	events.newsroom.bi	sdk.mrf.io
2	cdn.navdmp.com	tag.navdmp.com
2	www.facebook.com	diariodonordeste.verdesmares.com.br promos.betano.de
2	usr.navdmp.com	tag.navdmp.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	nr-events.taboola.com	c2.taboola.com diariodonordeste.verdesmares.com.br
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
1	match.adsrvr.org
1	beacon.krxd.net	tag.navdmp.com
1	tags.bluekai.com	tag.navdmp.com
1	sync.crwdcntrl.net	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	at.teads.tv	a.teads.tv
1	a.teads.tv	tags.premiumads.com.br
1	c.bing.com	1 redirects
1	disclaimer-api.goadopt.io	diariodonordeste.verdesmares.com.br
1	experiences.mrf.io	sdk.mrf.io
1	tr6.snapchat.com	sc-static.net
1	api-js.datadome.co	dd.betano.de
1	sc-static.net	www.googletagmanager.com
1	dd.betano.de	promos.betano.de
1	call.cleverwebserver.com	diariodonordeste.verdesmares.com.br
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	sender.cleverwebserver.com	1 redirects
1	id.navegg.com	tags.premiumads.com.br
1	ui.cleverwebserver.com	diariodonordeste.verdesmares.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	scripts.cleverwebserver.com	diariodonordeste.verdesmares.com.br
1	i.pravatar.cc	diariodonordeste.verdesmares.com.br
1	ecfd3cce6a211990d3c24c85f61b6032.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	cdn.taboola.com
1	ups.analytics.yahoo.com	diariodonordeste.verdesmares.com.br
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	diariodonordeste.verdesmares.com.br
1	cm.g.doubleclick.net	1 redirects
1	gum.criteo.com	cdn.taboola.com
1	sdk.mrf.io	diariodonordeste.verdesmares.com.br
1	c2.taboola.com	diariodonordeste.verdesmares.com.br
1	tag.goadopt.io	diariodonordeste.verdesmares.com.br
0	play.google.com Failed	www.youtube.com
514	94

This site contains links to these domains. Also see Links.

Domain
cleveradvertising.com
assine.diariodonordeste.com.br
privacidade.geq.com.br
diariodigital.verdesmares.com.br
api.whatsapp.com
teavishedconers.com
popup.taboola.com
hoergeraete-vergleich.com
maximparerurehab.com
www.instagram.com
www.facebook.com
www.twitter.com
www.youtube.com
midiakit.svm.com.br
centraldoassinante.diariodonordeste.com.br
www.becompliance.com
goadopt.io

Subject Issuer	Validity	Valid
*.verdesmares.com.br Go Daddy Secure Certificate Authority - G2	`2023-12-19` - `2025-01-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pn.vg GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-15` - `2024-01-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ssl03.cert.cl13.k8s.mrf.io R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
pravatar.cc GTS CA 1P5	`2023-11-23` - `2024-02-21`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
promos.betano.de Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dd.betano.de R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
landingpages.kaizengaming.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://diariodonordeste.verdesmares.com.br/
Frame ID: 4A75D354CCCABA56494284B3CBCA18BF
Requests: 211 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Frame ID: 878FC0A4DF82A51A52CCD1AAFA2115C6
Requests: 43 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Frame ID: 1C04024859630A95C286CD20511644F0
Requests: 43 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Frame ID: 4D6A06EBB55AF073298223EBD25CFCAC
Requests: 43 HTTP requests in this frame

Frame: https://ecfd3cce6a211990d3c24c85f61b6032.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 646A591AA47D22AB204DA0EF1AFBFE60
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFnp8cLTNpisw08bUB7tbMV9vfc419F5oSf8V8PBvKmlp8kiivr493Zu_X57p-rI4WeOX97eqtaqjBqvmoEPc3Iw36-akyw2fZoH6WP3FHtVjWecL291ZjViDFUpwfCUOyej8fC_KzLdSJylCk_rvrgzoIamjAijuZaXENUgsLnUllXRxZCnM_EG5EuhdAXBnwrjmwoPZkIaJbLv6IBJkxQXx5XU-6d46UG9c-kwK1y3kJYeUjZ7OueIx7S1LeTj6Gf8rO8fXIoXwOCqTj4A6lb0HjnWYkINutsebew7ubZBv49QtSiV4d6tUWMemBJtyeTuzZ2iR5MPRA8yWu9qc_H0OKEkNFZ4jBs9SXSNUBl0tLog8MqaM&sai=AMfl-YRiI7a3jR2jaAjKQt55cjpbi_UvzEt16w1H5SDgtfEm7kz4KmulO2zl3H-9z_OdGxaf5nKN-q9FWyqloN-Hajy8UO00dv2St9w1sxVc-Zdgt0V48DbK7KwT5frIcQ&sig=Cg0ArKJSzP-MkNcCzJk2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 2C4D50316AE2788C71C9C2EB84E3A1FA
Requests: 5 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089
Frame ID: 28831050AAF91235E42D622EE6C1FB7A
Requests: 4 HTTP requests in this frame

Frame: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Frame ID: 2FEDF826252093F8D2F6F0406BE9BC0B
Requests: 88 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRkh-AGSxbUcUCHO8w7r_vB4F_K_u-br1dmOcKs-3D73Ql0HBnmhm8OkMQUy-0hPr455wgogvH_qaOKIOG2TMAToBeHrTvpYixxaefFQhW7agyPl1wY4sGAVFv2H7y2KZZZLWxAeZoSKOk0g982c--_BCIH0FXFWKebEi8BiwhUOr4xW7k37WyN52UPI6Fs-lOHP2rph_cXkjwiAYQZnaZlvRxvWskIN6bwnHf1oxEoFtndAzpsvKoa6XR7QU--TwtSWEhtswe687R6wAhR3_4zgzW15hAd5YGvHkhXyrjqlPVq9hqppD5-MJb3H2ClsMOAFibYYtZErBD0Iuut7evvk3bhRPpG9bYi-0GvH2unaqtGrbr2ynR-cDVAA&sai=AMfl-YQlpZMj1S1wiHU__aMP0g_MjxM68a1vO3SmWrEFw_OY_vFN_mFpgAgAzoVmdy38kIqJEPkoGU9ejiKbPNubMlJhhIXIQKCP5rayEf48PJEr5GDts1qbEhpbQt0YJQ&sig=Cg0ArKJSzHuvjtsyHALXEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9EDBF2A6F7E4253DEB0FF0B9B57CCA66
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Frame ID: 3504E45EA07C3082D275ABBB5504C3C1
Requests: 2 HTTP requests in this frame

Frame: https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 821F1C74781312DB3FCBE19EF3BF7A5B
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CMjD3IbByIMDFebLOwIdJXgPGg;src=12738953;type=despo0;cat=despo0;ord=1708427651;~oref=https%3A%2F%2Fpromos.betano.de%2F
Frame ID: 6740ED8962238AFC5FE1990050813CAB
Requests: 1 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152
Frame ID: 06D286793E25F187DB4ADB9A1A6E0577
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152
Frame ID: 0E16289FE61838E122E2D27D7C5E7F0F
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Frame ID: 4374BEA9C064D4E7E86577570984B978
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 17551C43DAD344D9FB3A64C3813B4E9D
Requests: 15 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 1A978ED955B20244DBD3AD20F59AF6D9
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=eaabc8b0-f11d-480b-be88-7d3c8ec82588&u_sclid=16d818f4-0f05-49e0-8c24-41bb6d90bbaa
Frame ID: EDB2D77668FFC0A938CB590E60309A78
Requests: 1 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: B328C18210811059946D532A14FEB581
Requests: 1 HTTP requests in this frame

Frame: blob://https://visuals.kaizengaming.com/9a6193a3-650e-42dc-8387-7921f9284c08
Frame ID: FD331F9E79A9D08201C358380ED2CEDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55EBD41BF7789283A44A81CDE09D7640
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4EC6DC52C817CBAE19D509AAD1CB183
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Frame ID: 1E07FD6A00AF41BD246A089089A2B904
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Diário do Nordeste - Últimas notícias de Fortaleza, Ceará, Brasil Group 3Group 3Group 3Group 3

Page URL History Show full URLs

http://diariodonordeste.verdesmares.com.br/ HTTP 301
https://diariodonordeste.verdesmares.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

514
Requests

93 %
HTTPS

55 %
IPv6

54
Domains

94
Subdomains

67
IPs

8
Countries

14514 kB
Transfer

36772 kB
Size

74
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://cleveradvertising.com/

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/acesso-assinante/https://diariodonordeste.verdesmares.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/
Title: Assinar

Search URL Search Domain Scan URL

URL: https://privacidade.geq.com.br/
Title: Portal da privacidade

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/acesso-assinante/https://diariodonordeste.verdesmares.com.br
Title: Entrar

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste
Title: Assine

Search URL Search Domain Scan URL

URL: https://diariodigital.verdesmares.com.br/loginAssinante?utm_source=diariodonordeste-home&utm_medium=referral&utm_campaign=conversao_digital

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/
Title: Assinar

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=+5585999690752
Title: (85) 99969-0752

Search URL Search Domain Scan URL

URL: https://teavishedconers.com/cff539bb-f92d-40a3-af46-a6839d98b3c9
Title: TurboClean

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariodonordeste-diariodonordeste&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://teavishedconers.com/7b77ca26-36e6-43bf-b982-4f602faf3532
Title: TurboClean

Search URL Search Domain Scan URL

URL: https://hoergeraete-vergleich.com/deampfree
Title: Hörgeräte Vergleich

Search URL Search Domain Scan URL

URL: https://maximparerurehab.com/f04b78f6-a4d4-4532-8454-2337b084513b
Title: Solar-Vergleich

Search URL Search Domain Scan URL

URL: https://www.instagram.com/diariodonordeste

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diariodonordeste

Search URL Search Domain Scan URL

URL: https://www.twitter.com/diarioonline

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/diariodonordeste

Search URL Search Domain Scan URL

URL: https://midiakit.svm.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://centraldoassinante.diariodonordeste.com.br/
Title: Central do Assinante

Search URL Search Domain Scan URL

URL: https://www.becompliance.com/

Search URL Search Domain Scan URL

URL: https://privacidade.geq.com.br/politica-de-privacidade.php
Title: Datenschutz-Bestimmungen

Search URL Search Domain Scan URL

URL: https://goadopt.io/en/porque-aviso/?source=firstLevel
Title: AdOpt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://diariodonordeste.verdesmares.com.br/ HTTP 301
https://diariodonordeste.verdesmares.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://sb.scorecardresearch.com/cs/20663921/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 122

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=1916853785.1704535360&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=PyWZZeWjJciR78EPl4Su-Ak&sscte=1&crd=&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8GI3ktgd3IfkKeir2usOqx8FemPvcNK1CA&pscrd=Ek5DaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVlBWnZ4MjRIMEg0QXRDT0d0Z01MbzFVMzdzcE9Ya1pyT1JVOTV4OU4wdElBa29pb09zLWcaWENoQUlnSkhrckFZUV8tdllsTkxZMXYwUEVpNEFUMUR3U2tVTl9KZ2hSTTJjWm50T2hOWWFEczdqX2ZJT3JYUFlaT3RJVVpPUWRWXzVuQlpSeWJ1YWsxZUgiEwilv_eEwciDAxXIyDsCHReCC58 HTTP 302
https://www.google.com/pagead/1p-conversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=1916853785.1704535360&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVlBWnZ4MjRIMEg0QXRDT0d0Z01MbzFVMzdzcE9Ya1pyT1JVOTV4OU4wdElBa29pb09zLWcaWENoQUlnSkhrckFZUV8tdllsTkxZMXYwUEVpNEFUMUR3U2tVTl9KZ2hSTTJjWm50T2hOWWFEczdqX2ZJT3JYUFlaT3RJVVpPUWRWXzVuQlpSeWJ1YWsxZUgiEwilv_eEwciDAxXIyDsCHReCC58&is_vtc=1&ocp_id=PyWZZeWjJciR78EPl4Su-Ak&cid=CAQSKQAvHhf_YUBfpSCmAR9bzLpVuHYldQfC_l81gKY2Soq7kKMCOwXm0VKn&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8LMjGxC4oCenCo8VHVjCQVpDGxSSAehKoQ&random=58926237 HTTP 302
https://www.google.de/pagead/1p-conversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=1916853785.1704535360&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVlBWnZ4MjRIMEg0QXRDT0d0Z01MbzFVMzdzcE9Ya1pyT1JVOTV4OU4wdElBa29pb09zLWcaWENoQUlnSkhrckFZUV8tdllsTkxZMXYwUEVpNEFUMUR3U2tVTl9KZ2hSTTJjWm50T2hOWWFEczdqX2ZJT3JYUFlaT3RJVVpPUWRWXzVuQlpSeWJ1YWsxZUgiEwilv_eEwciDAxXIyDsCHReCC58&is_vtc=1&ocp_id=PyWZZeWjJciR78EPl4Su-Ak&cid=CAQSKQAvHhf_YUBfpSCmAR9bzLpVuHYldQfC_l81gKY2Soq7kKMCOwXm0VKn&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8LMjGxC4oCenCo8VHVjCQVpDGxSSAehKoQ&random=58926237&ipr=y

Request Chain 125

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85597914715 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=85597914715&google_gid=CAESELRCiSL-0lqk6bfvMph-Msc&google_cver=1

Request Chain 189

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=954b6599-2540-4500-a121-450832876a99

Request Chain 190

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 280

https://sender.cleverwebserver.com/group/49109?id=798620&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&r=362332089&tok=33419711310201791433&t=1704535361&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&app=&iv=-1&ctr=DE&sz=1200&landing=1&hei=360.00&ts=0.26 HTTP 301
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089

Request Chain 331

https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE HTTP 302
https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE&AutoR=1 HTTP 302
https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Request Chain 359

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 366

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=QyWZZbLAE-yOiM0P9cu_8Ak&random=864508237&sscte=1&crd=&pscrd=IhMI8u3ZhsHIgwMVbAeiAx315Q-e HTTP 302
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=864508237&sscte=1&crd=&pscrd=IhMI8u3ZhsHIgwMVbAeiAx315Q-e&is_vtc=1&ocp_id=QyWZZbLAE-yOiM0P9cu_8Ak&cid=CAQSKQAvHhf_f7MkYo22I2hNG_e50rwb3NvJi_dYWsU9CBpYK5e59KXLABHU&random=506747009 HTTP 302
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=864508237&sscte=1&crd=&pscrd=IhMI8u3ZhsHIgwMVbAeiAx315Q-e&is_vtc=1&ocp_id=QyWZZbLAE-yOiM0P9cu_8Ak&cid=CAQSKQAvHhf_f7MkYo22I2hNG_e50rwb3NvJi_dYWsU9CBpYK5e59KXLABHU&random=506747009&ipr=y

Request Chain 367

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1708427651;~oref=https%3A%2F%2Fpromos.betano.de%2F HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CMjD3IbByIMDFebLOwIdJXgPGg;src=12738953;type=despo0;cat=despo0;ord=1708427651;~oref=https%3A%2F%2Fpromos.betano.de%2F

Request Chain 383

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152 HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Request Chain 384

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152 HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Request Chain 444

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 449

https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 301
https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 450

https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=536898526216&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=536898526216&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 451

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 464

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E660F2DE11244C68ADF470FCBD8EF6E0&RedC=c.clarity.ms&MXFR=1936F609526961270C23E5F756696FF9 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E660F2DE11244C68ADF470FCBD8EF6E0&MUID=3784A08D195C6A760118B373188E6B82

Request Chain 514

https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1 HTTP 302
https://sync.navdmp.com/sync?prtid=25&sclid=a02cf4c9-4725-9965-35cb-e8bb9697b768

Request Chain 515

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZZklRwAMeBqFOABU HTTP 302
https://sync.navdmp.com/sync?prtid=17&tubid=ZZklRwAMeBqFOABU&_test=ZZklRwAMeBqFOABU

Request Chain 516

https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0 HTTP 302
https://sync.navdmp.com/sync?prtid=21&dynid=8976906833763015229

Request Chain 517

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=85597914715?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
https://sync.navdmp.com/sync?prtid=38&lotid=

Request Chain 521

https://dpm.demdex.net/ibs:dpid=822&dpuuid=85597914715&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597914715%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=85597914715&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597914715%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://sync.navdmp.com/sync?id=85597914715&adID=06139872236752271833559057114793391891&img=1

Request Chain 522

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.navdmp.com%2Fsync%3FappNx%3D%24UID%26img%3D1 HTTP 302
https://sync.navdmp.com/sync?appNx=248828268638086159&img=1

Request Chain 524

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

514 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
diariodonordeste.verdesmares.com.br/
Redirect Chain

http://diariodonordeste.verdesmares.com.br/
https://diariodonordeste.verdesmares.com.br/

477 KB
22 KB

530ms
272ms

Document
text/html

170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6829f3cf88e814946173de67d2ffc1b4f3250e42b502f56b02083f6ed259d94e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
content-type: text/html;charset=utf-8
date: Sat, 06 Jan 2024 10:02:38 GMT
server: gocache
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-cache-rule: YES with ttl: 10.000 /
x-cacheable: YES
x-frame-options: SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br
x-gocache-cachestatus: HIT
x-process: V1

Redirect headers

Connection: keep-alive
Content-Length: 157
Content-Type: text/html
Date: Sat, 06 Jan 2024 10:02:38 GMT
Keep-Alive: timeout=15
Location: https://diariodonordeste.verdesmares.com.br:443/
Server: gocache
X-GoCache-CacheStatus: MISS

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@11/ 18 KB
5 KB 37ms
19ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42143
x-jsd-version: 11.0.5
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230130-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"4804-9yCb7UhhpXmk+wLPeZGhum72F0M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8sUrRoJx%2FLlhWAyj6eEjd1L17ZX5H88UqmsR0Kkq3QhwZo9bqnlKRG9IbkiATT5WgW%2BtNXgUQ%2F3wesA%2FyM3rj8EjhF156zclPcz0sDVh%2BePHZ7B9g33WlTGRzK1EBP%2BWwibvRf%2B8tJQA%2BjP6%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84132068e9e3363c-FRA

GET
H2 200 remixicon.css
cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/ 120 KB
16 KB 38ms
20ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3319df8b9c28451700b6dc398868f64e5554b3cb164d188bf6f0cac6b6e39793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5130285
x-jsd-version: 3.5.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230060-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1e1f5-48QJs2Ev7WXpvZWlpyTMbKw/aZY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AECSGEDRmV3Bi%2BYpyurIV9zdPOvGkCmzQ3L%2FxFEycF2jb5OgXWegHoEH3puMaZpNTfK0MoIFfOiYUX7ljZoKkzE2jfpeEr6ICYYwCLJT6KCRS5FZIETKT1wZKSe%2FNMDaxpWUC5IVP8WjxYWOYhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84132068e9e6363c-FRA

GET
H2 200 morpheus.css
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/ 122 KB
17 KB 146ms
143ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f926d2eaa1938821474fb891a5c5620ff7b1608c91fa248ba1b0a3488891ea1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 224948
etag: W/"125068-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/css
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:38 GMT

GET
H2 200 main.css
diariodonordeste.verdesmares.com.br/apps/morpheus/static/styles/ 84 KB
13 KB 272ms
269ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/static/styles/main.css

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4038a2a1b34c21f1acd08f84cb08d341feafc9be8ea2c4596885c1255f3f2bbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 1849
x-gocache-cachestatus: HIT
x-cache: HIT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/static/styles/main.css
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
x-process: V4
etag: W/"86192-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:38 GMT

GET
H2 200 base.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 2 KB
1 KB 524ms
521ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: NO
age: 0
x-gocache-cachestatus: REVALIDATED
x-cache: MISS
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
x-process: V4
etag: W/"2403-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 components.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 119 KB
16 KB 398ms
395ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/components.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: YES
age: 79
x-gocache-cachestatus: HIT
x-cache: HIT
x-cache-rule: YES with ttl: 10.000 /static/assets/styles/components.css?v=1.0.39
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
x-process: V1
etag: W/"121759-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:38 GMT

GET
H2 200 light.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 334 B
894 B 524ms
522ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/light.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: YES
age: 80
x-gocache-cachestatus: REVALIDATED
x-cache: HIT
x-cache-rule: YES with ttl: 10.000 /static/assets/styles/themes/light.css?v=1.0.39
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
x-process: V1
etag: W/"334-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 diario.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 14 KB
2 KB 524ms
522ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/diario.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2f9dfe3bc1c7da5c87b21ccc2e81cce4e37e1cca9f085d70d8682747219e18bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: NO
age: 0
x-gocache-cachestatus: REVALIDATED
x-cache: MISS
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
x-process: V4
etag: W/"14514-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 injector.js Show response
tag.goadopt.io/ 328 KB
105 KB 62ms
24ms Script
text/javascript 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=0ab6c141-e658-4d74-a27f-53f691e4dab0
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a4e39d50f327270714dcd7f18f54b57a03fc26189befc99da628449c5355017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14
cf-polished: origSize=335929
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
cf-bgj: minify
last-modified: Sat, 06 Jan 2024 10:02:24 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mE%2FQB77mel9UXfctoCdof3RdgGXjNYfpPkUGCsjhIcyGxQ7ctxvZjapT6tN2U02I8ZN2XlkKXT%2BWoKmI4KediAyPxXjZ%2BLOAdduL6lXho4qi2f0hbewzd%2FLsWWTPrVvl%2B51tpcR1cTKGDkSG"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 8413206908a99128-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 135ms
107ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b4f0f875169895691e5cc0e1a554e678577967be3f7ecdace018759dd56bc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29039
x-xss-protection: 0
server: cafe
etag: 714 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 10:02:39 GMT

GET
H2 200 p_googletag.js Show response
diariodonordeste.verdesmares.com.br/static/assets/scripts/ 2 KB
2 KB 524ms
522ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/scripts/p_googletag.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 3600.000 /static/assets/scripts/p_googletag.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 3417
etag: W/"2534-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: REVALIDATED
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
33 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 10:02:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 Jan 2024 10:02:39 GMT

GET
H2 200 187307e1-8c37-4991-9aaa-71c2299dcc50.js Show response
cdn.pn.vg/sites/ 3 KB
2 KB 70ms
13ms Script
text/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/187307e1-8c37-4991-9aaa-71c2299dcc50.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 913e8863b4a9fdd1dc408e358b7fa24cf3ce14d5b08eb9f0f91728a08440f0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 17 Jan 2023 12:26:03 GMT
server: cloudflare
etag: W/"a63336097f4b5fb1a431c9a971f6ef1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxZx5Z0soi2XbKudI6qH1z%2Fs000Wfmrm636q%2FO29FLRdfqHNyqt%2FzvfZLplAxaxvH10bvZvsMmTIe5V5Zx68fG6ZEpb7P5OgUUmRs3443qJeVjco6FmaOOyQRccixmVVJLZkYZVKVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8413206cd9452c29-FRA
x-amz-cf-id: FeIYM-uKSn_xvUg-FUoXAhXg6dfnpNawg30aw4OZaDhPWBJs7FR5BQ==

GET
H2 200 white.svg
diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/ 6 KB
3 KB 524ms
523ms Image
image/svg+xml 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/white.svg

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f32b140b03828c62df3172e04064f5224d1903f6b45ef970e71e87d345b485c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/diario-do-nordeste/static/brand/white.svg
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 2021
etag: W/"6144-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: image/svg+xml
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 accent.svg
diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/ 6 KB
3 KB 528ms
526ms Image
image/svg+xml 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/accent.svg

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

ea92e1dfe7b0bad34df752ab0a7d7c65896679b908e3b95e81fc88a52bd49fa8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/diario-do-nordeste/static/brand/accent.svg
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 1908
etag: W/"6188-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: image/svg+xml
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 EG%C3%8DDIO-SERPA-2.png
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1685967456/ 44 KB
45 KB 950ms
943ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1685967456/EG%C3%8DDIO-SERPA-2.png?f=1x1&$p$f=0ee3834

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

270014f86c9f5d70a4c39e74f1e16c3209ff44dc0737ae0aea02762bbc182be4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 407
x-gocache-cachestatus: REVALIDATED, REVALIDATED
x-cache: HIT
x-original-image-width: 800
x-original-image-height: 800
x-rendered-image-height: 546
content-length: 44888
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3181665:1685967456/EG%C3%8DDIO-SERPA-2.png?f=1x1&$p$f=0ee3834
server: gocache
etag: W/"policy:1.3181665:1685967456"
x-rendered-image-width: 546
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Sem-T%C3%ADtulo-1.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/ 69 KB
70 KB 706ms
700ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 1874
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: HIT
x-original-image-width: 850
x-original-image-height: 850
x-rendered-image-height: 850
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88
server: gocache
etag: W/"policy:1.3181853:1642509659"
x-rendered-image-width: 850
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Victor_2_Easy-Resize.com.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3256523:1658161357/ 57 KB
58 KB 702ms
696ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3256523:1658161357/Victor_2_Easy-Resize.com.jpg?f=1x1&$p$f=b664d85

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

964565e96eba3653f3f34e6cab49ebb69a7e628e6f376d0b3995048e60d4c264

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 273
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: HIT
x-original-image-width: 1155
x-original-image-height: 1280
x-rendered-image-height: 816
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3256523:1658161357/Victor_2_Easy-Resize.com.jpg?f=1x1&$p$f=b664d85
server: gocache
etag: W/"policy:1.3256523:1658161357"
x-rendered-image-width: 815
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 Andr%C3%A9%20Almeida.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949549:1632957008/ 33 KB
34 KB 950ms
944ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949549:1632957008/Andr%C3%A9%20Almeida.jpg?f=1x1&$p$f=3497731

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3470ec5a8c42a5266093ffc43138e26da1e0c7990e6316f76e9a18a650ef3d7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 800
x-original-image-height: 1200
x-rendered-image-height: 603
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.2949549:1632957008/Andr%C3%A9%20Almeida.jpg?f=1x1&$p$f=3497731
server: gocache
etag: W/"policy:1.2949549:1632957008"
x-rendered-image-width: 603
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3296069:1668275353/ 31 KB
32 KB 381ms
375ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3296069:1668275353/8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif?f=1x1&$p$f=9621649

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

47b7b61d4a719998ac12bf2e12279a9175c971e617eb6544766cf8c5f0369459

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3296069:1668275353/8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif?f=1x1&$p$f=9621649
strict-transport-security: max-age=31536000; includeSubDomains
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 986
etag: W/"policy:1.3296069:1668275353"
x-rendered-image-width: 569
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-original-image-width: 853
content-type: image/jpeg
x-gocache-cachestatus: REVALIDATED
x-cache: HIT
x-original-image-height: 1280
x-rendered-image-height: 569

GET
H2 200 Ingrid%20Coelho%20Site.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3364998:1683220475/ 25 KB
26 KB 705ms
699ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3364998:1683220475/Ingrid%20Coelho%20Site.jpg?f=1x1&$p$f=f15a4ec

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

957b54331affe2dc8fdc71f7638304da5e4152973d21c7c35d9f59d1252cd8f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 444
x-original-image-height: 715
x-rendered-image-height: 443
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3364998:1683220475/Ingrid%20Coelho%20Site.jpg?f=1x1&$p$f=f15a4ec
server: gocache
etag: W/"policy:1.3364998:1683220475"
x-rendered-image-width: 443
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 Igor%20Pires.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3260534:1658925367/ 56 KB
57 KB 255ms
249ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3260534:1658925367/Igor%20Pires.jpg?f=1x1&$p$f=9c59751

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a6c012f52a79847e00cc1e8f8538fbd3a2237d06c78d56351a4fd844ee296279

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 2731
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 813
x-original-image-height: 1280
x-rendered-image-height: 814
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3260534:1658925367/Igor%20Pires.jpg?f=1x1&$p$f=9c59751
server: gocache
etag: W/"policy:1.3260534:1658925367"
x-rendered-image-width: 813
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 Paulo%20Angelim-colunista_-site.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3440600:1699449095/ 92 KB
93 KB 949ms
944ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3440600:1699449095/Paulo%20Angelim-colunista_-site.jpg?f=1x1&$p$f=cb2e3c3

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a1305f35e96334c2735a13c26771db6e89d5ba273af5d4ebdbfbf517d52b6a33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1126
x-original-image-height: 1280
x-rendered-image-height: 1126
content-length: 93744
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3440600:1699449095/Paulo%20Angelim-colunista_-site.jpg?f=1x1&$p$f=cb2e3c3
server: gocache
etag: W/"policy:1.3440600:1699449095"
x-rendered-image-width: 1126
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/ 31 KB
32 KB 951ms
945ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 2692
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: HIT
x-original-image-width: 800
x-original-image-height: 653
x-rendered-image-height: 495
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c
server: gocache
etag: W/"policy:1.3184465:1643113284"
x-rendered-image-width: 495
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 jeritza.png
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3391608:1689094815/ 79 KB
80 KB 948ms
942ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3391608:1689094815/jeritza.png?f=1x1&$p$f=3f48bf4

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

adb50f96bb5a48e2ef0fb797794458292ac375857dbb50238b51e354dd3c1760

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 2017
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: HIT
x-original-image-width: 689
x-original-image-height: 728
x-rendered-image-height: 689
content-length: 80916
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3391608:1689094815/jeritza.png?f=1x1&$p$f=3f48bf4
server: gocache
etag: W/"policy:1.3391608:1689094815"
x-rendered-image-width: 689
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Maria%20Camila%20Moura%20(1).jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3270885:1661369825/ 26 KB
26 KB 950ms
944ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3270885:1661369825/Maria%20Camila%20Moura%20(1).jpg?f=1x1&$p$f=b751315

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6914bba20ecb857f03498d896f3429d786f29d8839f28275c5f0eaefb1fa31ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: EXPIRED, REVALIDATED
x-cache: MISS
x-original-image-width: 667
x-original-image-height: 1000
x-rendered-image-height: 667
content-length: 26124
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3270885:1661369825/Maria%20Camila%20Moura%20(1).jpg?f=1x1&$p$f=b751315
server: gocache
etag: W/"policy:1.3270885:1661369825"
x-rendered-image-width: 667
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Delania%20Santos%20PB_Easy-Resize.com.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3272895:1688419883/ 98 KB
99 KB 950ms
945ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3272895:1688419883/Delania%20Santos%20PB_Easy-Resize.com.jpg?f=1x1&$p$f=e95f53d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

36480d8320f3027e1959409b9618093a71366fafdbd8481f2fa570f30e8680a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 2045
x-gocache-cachestatus: EXPIRED, REVALIDATED
x-cache: HIT
x-original-image-width: 1200
x-original-image-height: 1280
x-rendered-image-height: 1200
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3272895:1688419883/Delania%20Santos%20PB_Easy-Resize.com.jpg?f=1x1&$p$f=e95f53d
server: gocache
etag: W/"policy:1.3272895:1688419883"
x-rendered-image-width: 1200
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3180647:1642166599/ 19 KB
20 KB 948ms
943ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3180647:1642166599/WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg?f=1x1&$p$f=0f7315a

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b5ec2a4d1861890e777618cb339db16300cba327389383ea485ae69ec748b619

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: REVALIDATED, REVALIDATED
x-cache: MISS
x-original-image-width: 853
x-original-image-height: 1280
x-rendered-image-height: 481
content-length: 19878
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3180647:1642166599/WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg?f=1x1&$p$f=0f7315a
server: gocache
etag: W/"policy:1.3180647:1642166599"
x-rendered-image-width: 481
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Haley.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463691:1704497152/ 14 KB
15 KB 569ms
569ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463691:1704497152/Haley.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=d97c2ba

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

73711581a64e5153e1d6dc83d5ab9c59190279073cc32274ea9f85d1dbeaf943

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: UPDATING, REVALIDATED
x-cache: MISS
x-original-image-width: 1874
x-original-image-height: 822
x-rendered-image-height: 314
content-length: 14498
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463691:1704497152/Haley.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=d97c2ba
server: gocache
etag: W/"policy:1.3463691:1704497152"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 colac-o-unifor.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463723:1704505671/ 23 KB
24 KB 708ms
708ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463723:1704505671/colac-o-unifor.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e998758

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c7add74cb2fd22974fbf7676913f045af43dc852adff61022172deb587b3e539

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: EXPIRED, REVALIDATED
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463723:1704505671/colac-o-unifor.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e998758
server: gocache
etag: W/"policy:1.3463723:1704505671"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 BBB-24.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463369:1704459565/ 36 KB
36 KB 701ms
694ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463369:1704459565/BBB-24.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=976a2a7

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

050125150d4fde5f0db366518c41e3f2226be0957f3078037bdb6785f1165b54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 921
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463369:1704459565/BBB-24.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=976a2a7
server: gocache
etag: W/"policy:1.3463369:1704459565"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 castro.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463698:1704498338/ 33 KB
34 KB 1156ms
1151ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463698:1704498338/castro.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=0cb93ff

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f494f275bce4fd4dee8ab566084a9c551759aeea03d29469be6fc5747183d4bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: MISS, REVALIDATED
x-cache: MISS
x-original-image-width: 756
x-original-image-height: 504
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463698:1704498338/castro.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=0cb93ff
server: gocache
etag: W/"policy:1.3463698:1704498338"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 wanessa-e-filhos.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463726:1704507587/ 30 KB
31 KB 948ms
943ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463726:1704507587/wanessa-e-filhos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=24158a0

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

410ad554317ffeddb3df5c2a550c2b315881de9b01aa8f77f5d8081fef722cbf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: EXPIRED, REVALIDATED
x-cache: MISS
x-original-image-width: 1080
x-original-image-height: 1350
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463726:1704507587/wanessa-e-filhos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=24158a0
server: gocache
etag: W/"policy:1.3463726:1704507587"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 trump.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3457757:1703034099/ 19 KB
20 KB 948ms
943ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3457757:1703034099/trump.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ec7baff

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

69c5f856d15a613a74c211ca54dbaffe3ecd6b56fde61a0a73a81b7d9be49974

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1024
x-original-image-height: 682
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3457757:1703034099/trump.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ec7baff
server: gocache
etag: W/"policy:1.3457757:1703034099"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 vanessa-lopes.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463679:1704494487/ 33 KB
34 KB 949ms
945ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463679:1704494487/vanessa-lopes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b4ef2e3

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7824eb42d6c442d4ab27c624e009fa731b268639c6571d2c8bf36b8e76a1e216

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 195
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: HIT
x-original-image-width: 1000
x-original-image-height: 1250
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463679:1704494487/vanessa-lopes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b4ef2e3
server: gocache
etag: W/"policy:1.3463679:1704494487"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 mc-bin-laden.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463662:1704489612/ 21 KB
22 KB 950ms
945ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463662:1704489612/mc-bin-laden.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8f261c2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

987c8ef99ecc722fe3927bac67f2eae84ddd47944191fd354de09dc73a677c71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 131
x-gocache-cachestatus: EXPIRED, REVALIDATED
x-cache: HIT
x-original-image-width: 1080
x-original-image-height: 1349
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463662:1704489612/mc-bin-laden.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8f261c2
server: gocache
etag: W/"policy:1.3463662:1704489612"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Hickmann.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463638:1704485532/ 19 KB
20 KB 1155ms
1151ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463638:1704485532/Hickmann.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e4692fe

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

cad9bc6527b72257d887e2f6cb68247261691695c0b8f1f03157f9a693c2ffa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: EXPIRED, REVALIDATED
x-cache: MISS
x-original-image-width: 888
x-original-image-height: 603
x-rendered-image-height: 314
content-length: 19242
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463638:1704485532/Hickmann.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e4692fe
server: gocache
etag: W/"policy:1.3463638:1704485532"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Luan.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463477:1704476253/ 28 KB
29 KB 1155ms
1150ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463477:1704476253/Luan.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f623e9d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c4fd5da88e6a307d3c80675b203e95f9d92bd3d1772f4a341acc6d57605f7e82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 440
x-original-image-height: 1024
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463477:1704476253/Luan.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f623e9d
server: gocache
etag: W/"policy:1.3463477:1704476253"
x-rendered-image-width: 417
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Caio-Alexandre-meia-Fortaleza.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3346493:1704469123/ 28 KB
29 KB 1281ms
576ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3346493:1704469123/Caio-Alexandre-meia-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=66118ac

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b34bae971348ff69541a08b66598c078cf3cd023e8b45762654ea24cffd7445c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 800
x-original-image-height: 533
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3346493:1704469123/Caio-Alexandre-meia-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=66118ac
server: gocache
etag: W/"policy:1.3346493:1704469123"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Reveillon-2024.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463119:1704456846/ 33 KB
34 KB 2974ms
503ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463119:1704456846/Reveillon-2024.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=70d2e13

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

004faa933546e8b32fa2563c5c180b980dde2d81247683d8d14d4ee66969f188

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: EXPIRED, REVALIDATED
x-cache: MISS
x-original-image-width: 1000
x-original-image-height: 666
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463119:1704456846/Reveillon-2024.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=70d2e13
server: gocache
etag: W/"policy:1.3463119:1704456846"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 Danilo-de-Campos.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463438:1704467160/ 12 KB
13 KB 1281ms
508ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463438:1704467160/Danilo-de-Campos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9dc9b10

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

dffa82fae402fa358344642ea93e4401ff99760fa93eaa676ae31fb6b703e2f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 600
x-original-image-height: 600
x-rendered-image-height: 314
content-length: 12020
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463438:1704467160/Danilo-de-Campos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9dc9b10
server: gocache
etag: W/"policy:1.3463438:1704467160"
x-rendered-image-width: 417
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 Negueba.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463708:1704500706/ 31 KB
32 KB 1406ms
507ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463708:1704500706/Negueba.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=cd5e881

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

56f1771460ce21136cc8f9fb9c00c1d43b755edd5197e1f55f2b0e9780c1e3c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 5
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: HIT
x-original-image-width: 1080
x-original-image-height: 1350
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463708:1704500706/Negueba.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=cd5e881
server: gocache
etag: W/"policy:1.3463708:1704500706"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 vozao.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463674:1704492034/ 38 KB
39 KB 1407ms
507ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463674:1704492034/vozao.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6471546

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

41f23834d77768418c29a6e4578dc5fe673e053d0341e8d1ad2074f764bd208d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, REVALIDATED
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463674:1704492034/vozao.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6471546
server: gocache
etag: W/"policy:1.3463674:1704492034"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 JO.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463609:1704481976/ 26 KB
27 KB 3364ms
815ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463609:1704481976/JO.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ef10abe

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

779a231769d09869c9ff4c8127c40f64189de7b1dd3b0fa70130b3f02dc6c37a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 984
x-original-image-height: 656
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463609:1704481976/JO.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ef10abe
server: gocache
etag: W/"policy:1.3463609:1704481976"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 Recalde.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463572:1704480297/ 20 KB
21 KB 2535ms
644ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463572:1704480297/Recalde.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2731b8e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7deda1c39954d6f7cfd176868e6558aaaa6f941d0a118be674d30c04fb443ae9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463572:1704480297/Recalde.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2731b8e
server: gocache
etag: W/"policy:1.3463572:1704480297"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 Policia.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463704:1704499859/ 22 KB
22 KB 2533ms
574ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463704:1704499859/Policia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=4dbef76

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

abbd6d5f068aae28bebddc2ff1ac767a61094c668f3472fb4a82104889b00938

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1024
x-original-image-height: 683
x-rendered-image-height: 314
content-length: 22116
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463704:1704499859/Policia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=4dbef76
server: gocache
etag: W/"policy:1.3463704:1704499859"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 Ana-Paula-Arosio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463632:1704484670/ 22 KB
23 KB 2535ms
576ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463632:1704484670/Ana-Paula-Arosio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=47b641d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d88ed7f285ad93601c7c1a42a3089295e46a73ad65affe1f34f000924621376b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 206
x-gocache-cachestatus: MISS, REVALIDATED
x-cache: HIT
x-original-image-width: 600
x-original-image-height: 450
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463632:1704484670/Ana-Paula-Arosio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=47b641d
server: gocache
etag: W/"policy:1.3463632:1704484670"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 diniz.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463640:1704485758/ 17 KB
18 KB 2534ms
575ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463640:1704485758/diniz.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=3bd1d9d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

de0ac645206f74dd9197dad7e0d7c30eb5b59a7183108b197b22c3277a1d5d26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 674
x-original-image-height: 450
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463640:1704485758/diniz.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=3bd1d9d
server: gocache
etag: W/"policy:1.3463640:1704485758"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 A-Viagem.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463444:1704468492/ 27 KB
27 KB 3363ms
763ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463444:1704468492/A-Viagem.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8cd0e89

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

cc39dce33b537a2de2ec395aac9062ac88ced3a39a13d038b9410b80bd7990db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 620
x-original-image-height: 420
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463444:1704468492/A-Viagem.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8cd0e89
server: gocache
etag: W/"policy:1.3463444:1704468492"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 Delegacia.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463565:1704480062/ 26 KB
27 KB 3492ms
827ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463565:1704480062/Delegacia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b70febc

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5d75e6b6bc5bbfa6fa2afd985daae315db41763f30c3981aae7958a3437e1988

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 100
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: HIT
x-original-image-width: 960
x-original-image-height: 540
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463565:1704480062/Delegacia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b70febc
server: gocache
etag: W/"policy:1.3463565:1704480062"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 Presidio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463388:1704461797/ 19 KB
20 KB 3102ms
437ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463388:1704461797/Presidio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a9e499e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d2230c7695f96fbffa2a8e1711c582e3dcb6e136bac033dc98704b82164302b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 720
x-rendered-image-height: 314
content-length: 19328
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463388:1704461797/Presidio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a9e499e
server: gocache
etag: W/"policy:1.3463388:1704461797"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 Frio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463416:1704463528/ 30 KB
31 KB 2533ms
564ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463416:1704463528/Frio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9c36109

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3d2162445b314f8b5187e9aab513f7f65b8a6f1ae2c911ad812a66b66e9d8975

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1024
x-original-image-height: 682
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463416:1704463528/Frio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9c36109
server: gocache
etag: W/"policy:1.3463416:1704463528"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 Luiz-Menezes.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463398:1704462211/ 28 KB
29 KB 2533ms
494ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463398:1704462211/Luiz-Menezes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f67097c

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a04cd7a62992df85368e1b445cdd555b394779dd4242e14877cfba103d0bcff0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463398:1704462211/Luiz-Menezes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f67097c
server: gocache
etag: W/"policy:1.3463398:1704462211"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 Menina-Pimenta.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463313:1704452538/ 27 KB
28 KB 2662ms
497ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463313:1704452538/Menina-Pimenta.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=46fc391

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3b34383246d1feb438171b37cc5e2dce02114953d3a9749952980c10566321ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1016
x-original-image-height: 502
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463313:1704452538/Menina-Pimenta.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=46fc391
server: gocache
etag: W/"policy:1.3463313:1704452538"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 Futura-unidade-do-Grupo-Mateus-na-Aldeota.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3460575:1703772024/ 28 KB
29 KB 2662ms
451ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3460575:1703772024/Futura-unidade-do-Grupo-Mateus-na-Aldeota.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=bd3df5e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

05c7441247d8f700e8d12fa47d6b88f7e028ef9b28bc9549e713c854ba3add81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT, REVALIDATED
x-cache: MISS
x-original-image-width: 1600
x-original-image-height: 1066
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3460575:1703772024/Futura-unidade-do-Grupo-Mateus-na-Aldeota.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=bd3df5e
server: gocache
etag: W/"policy:1.3460575:1703772024"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 27ms
7ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9631563
x-cache: MISS, HIT
content-length: 33357
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230139-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704535359.460453,VS0,VE0
etag: W/"28feccc0-1787d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 0, 334829

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 27ms
7ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9631564
x-cache: HIT, HIT
content-length: 3063
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230139-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704535359.460431,VS0,VE0
etag: W/"28feccc0-1c1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 339064

GET
H2 200 com.atex.gong.paywall.membership.js Show response
diariodonordeste.verdesmares.com.br/js/ 6 KB
2 KB 143ms
136ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/js/com.atex.gong.paywall.membership.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

494ef673cae9df9d1c8e677e6c24c99241f709a9ef150373687ad20d18500881

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 3600.000 /js/com.atex.gong.paywall.membership.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 395
etag: W/"5908-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 index.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/vanilla/dist/ 136 KB
35 KB 397ms
396ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/vanilla/dist/index.js?v=1.56.0

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7e8af219d39c1874b3743a3f2ff3670b764b3733db2391be86f284575562a1e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: NO
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
x-process: V4
etag: W/"139761-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/javascript
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:38 GMT

GET
H2 200 index.js Show response
diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/scripts/ 13 KB
4 KB 398ms
396ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/scripts/index.js?v=0.5.0

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

68d5359f369dbe89ab3504391fccf4e3dc534abebe4431d8e105833d2ad36165

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: NO
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
x-process: V4
etag: W/"13283-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/javascript
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:38 GMT

GET
H2 200 web-components.esm.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 5 KB
2 KB 398ms
397ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/web-components.esm.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

174311aeecbe9b3ac728199fefbf349859785250c49c45951b6f3b180668c4ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/web-components.esm.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 3592
etag: W/"5055-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:38 GMT

GET
H2 200 CAPA%20050124.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/ 41 KB
42 KB 2534ms
322ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5276824bcd884e7f39035f625c3748a07c3c10748054717a4b202e5071eec07d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1094
x-original-image-height: 1600
x-rendered-image-height: 496
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b
server: gocache
etag: W/"policy:1.3463729:1704509731"
x-rendered-image-width: 339
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 40ms
15ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 3600
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8413206cbd449bf2-FRA
expires: Sat, 06 Jan 2024 10:02:39 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/ 376 KB
52 KB 33ms
10ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c088c360f079039bda4967beba79b1caaf126da534ac7f7e2b6baf34acdf263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: fJdyxCBrErH1RZDfcR904ZMOZCDUjJv1
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:39 GMT
x-amz-request-id: 2ART05SZHJJ3H955
age: 69
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 52517
x-amz-id-2: 63gHVY01E9ddhq0QppvREcSeZ5iQuVhX20ReXPMia5GInGuFPBQdx2YEUI/VI4O0SVIW2JuG4Hw=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 11:44:42 GMT
server: AmazonS3
x-timer: S1704535359.468271,VS0,VE3
etag: "8735a00148a5f70e6dd8634dfad535f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
97 KB 38ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d3efeee476394f810094fda59bb87b7f49e23d95a94ea28681123e72fe23003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98956
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 10:02:39 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/diariodonordeste-diariodonordeste/ 60 KB
18 KB 31ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33b9412580991bedd119a35b9cdeade7f98aa46f1e30cc8cf3c107b60c44aed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:39 GMT
x-amz-request-id: 89T45T47NPN1QMFZ
age: 69
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17547
x-amz-id-2: N+eN+Kiz9fmbrQpA5j+R8dDPeFxQK8MwoxsrP7ezWZZLoe1zpCPFHb4QemUp6PYg4r145S9zxiw=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Thu, 03 Aug 2023 20:34:47 GMT
server: AmazonS3
x-timer: S1704535359.468377,VS0,VE1
etag: "d89efb7d8e608969a82595f2f3a2ea49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 QapS58_46_U Show response
www.youtube.com/embed/ Frame 878F 93 KB
41 KB 93ms
71ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04ebc640f4935e53c8c532d73d2d224a7216eb54937ee02b9fbadb2bb0dbbe80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OsCp2pYT2_A Show response
www.youtube.com/embed/ Frame 1C04 92 KB
39 KB 105ms
83ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd54e5186bae10eab52d03175ff68d7e63834ff6f4317f79039d11aa05243868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2pR204OZkqw Show response
www.youtube.com/embed/ Frame 4D6A 92 KB
39 KB 99ms
78ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb315d9a8c1f731ea65ab658b55dbc2b6f004a6bf8b86243896a29e785ed423a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Ingrid%20Coelho%20Site.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3364998:1683220475/ 25 KB
26 KB 3099ms
376ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3364998:1683220475/Ingrid%20Coelho%20Site.jpg?f=1x1&$p$f=f15a4ec

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

957b54331affe2dc8fdc71f7638304da5e4152973d21c7c35d9f59d1252cd8f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 444
x-original-image-height: 715
x-rendered-image-height: 443
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3364998:1683220475/Ingrid%20Coelho%20Site.jpg?f=1x1&$p$f=f15a4ec
server: gocache
etag: W/"policy:1.3364998:1683220475"
x-rendered-image-width: 443
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H3 200 remixicon.woff2
cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/ 140 KB
141 KB 23ms
13ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.woff2?t=1690730386070

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0d0b7e5101a1b8a54268b9188da520d19d74df9b35714a8ddb5987fad990591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3297861
x-jsd-version: 3.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143720
x-served-by: cache-fra-eddf8230045-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"23168-v1UW3MYZ+EWM8MIIc0fjGC2QYss"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6X0hSJY9R%2BVoPou1EzhGxH81an67yGMeYFCA%2BRO7dWGBESUhjDQjoQjS598uhK15INnw78X9ivjqSfsyu6eei0cjdDhCLDJh9kZkTYCnpLyqNkFiuYWpZMKTpMMMkNOdFtdgAy%2BgxOsDgv802I%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8413206caa3039c4-FRA

GET
H2 200 RobotoCondensed-Bold.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/ 15 KB
16 KB 364ms
231ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Bold.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8f428971557af529ec0843e025e70f8e642859b4fed2f2cf0134f16f97bf6910

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Bold.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 219997
etag: W/"15640-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 RobotoCondensed-Regular.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/ 15 KB
16 KB 500ms
132ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Regular.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

437c424ae2c33178b013590e4fc99f8584edc9893d9276067ef9f9c774d68f9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Regular.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 224811
etag: W/"15720-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 ArdinaText-Bold.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ 19 KB
20 KB 503ms
135ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Bold.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Bold.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 224874
etag: W/"19260-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:39 GMT

GET
H2 200 icofont.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/ 525 KB
527 KB 688ms
320ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/icofont.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-cache-rule: YES with ttl: 3600.000 /static/assets/fonts/icofont/icofont.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 290
etag: W/"537868-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: REVALIDATED
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 ArdinaText-Medium.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ 19 KB
19 KB 930ms
425ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Medium.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Medium.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 225054
etag: W/"19032-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 CAPA%20050124.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/ 41 KB
42 KB 2630ms
321ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5276824bcd884e7f39035f625c3748a07c3c10748054717a4b202e5071eec07d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1094
x-original-image-height: 1600
x-rendered-image-height: 496
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b
server: gocache
etag: W/"policy:1.3463729:1704509731"
x-rendered-image-width: 339
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 load.js Show response
pm-widget.taboola.com/diariodonordeste-diariodonordeste/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/diariodonordeste-diariodonordeste/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af6d94040de81bc27c76495dc92561955e86639b6ed7923c1ea4b08b9f235892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: bkH1kQGAPSAYA_41mibKtE4DXOd5bIYd
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:39 GMT
x-amz-request-id: VYN952JYEWBTMKTS
age: 3512
x-cache: HIT
content-length: 1173
x-amz-id-2: HVhx/bU8Fi/F7luuuMRm+hNGOOk0xCVzTVqWxntMxiRQbbkpHlP0e6u5Hbu3qOpbuYbPLstdfOc=
x-served-by: cache-fra-eddf8230051-FRA
last-modified: Fri, 29 Sep 2023 10:44:20 GMT
server: AmazonS3
x-timer: S1704535360.509662,VS0,VE0
etag: "3f1b76f3bde3baa4a0887f571d8c7fd1"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 impl.20240104-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 833 KB
173 KB 8ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: wgSKbKxiT2.bVgTpAIeE4skihedLcyMc
content-encoding: br
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:39 GMT
x-amz-request-id: 6G041TYX4PGD5MJ7
age: 26071
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 176440
x-amz-id-2: cqOS2auUmW77R3KIsj+h+zLPwsD3nPiSui82wKyYcOw+qJFxa3/4KHcsCFp2MpEkGfDrsPK4BFM=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 10:40:18 GMT
server: AmazonS3-br
x-timer: S1704535360.509923,VS0,VE0
etag: "5d1a26d82acd8ece5d0bca4d478ba6c9"
vary: Accept-Encoding
content-type: application/javascript
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 54868

GET
H2 200 82438 Show response
tag.navdmp.com/u/ 500 B
507 B 133ms
133ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/82438
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 25 May 2022 11:58:12 GMT
server: cloudflare
etag: W/"628e19d4-1f4"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8413206d0d849bf2-FRA
expires: Sat, 06 Jan 2024 11:02:39 GMT

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 132 B
323 B 313ms
16ms Script
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/get-action?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=288456001403936810&page.template=home&page.dashboard=home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e01dc524a8d1c1c98410a3757c120f35d71f067519f1fe6329d5b2e9b1008d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230051-FRA
tbl-x-upstream: 10.45.40.105:80
date: Sat, 06 Jan 2024 10:02:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1704535360.827204,VS0,VE10
x-cache: MISS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 156 KB
45 KB 1913ms
1487ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 12ms
date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 06 Jan 2024 09:53:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 19
accept-ranges: bytes
cf-ray: 841320707a6304ec-HKG
alt-svc: h3=":443"; ma=86400
content-length: 45824

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d169c87392cd6de1541b47e48425b6f39421f8582ff2b12cc8a11f08d2e9e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 10:02:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 46ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 09:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 862
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 06 Jan 2024 11:48:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 10:02:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: uoD43fTCwc3uUdmvobf9c7Iti76IuWLpWxK73aQMAg0h5EyIch4Ga65rKK+GSojLM0ToipEaX4eJ+5PZf8R0Ng==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/ 3 KB
2 KB 82ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/?random=1704535359550&cv=11&fst=1704535359550&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=1916853785.1704535360&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c76ba09e7acd19638c6930e9da6d05d7b5d057cd367c1c39bd60377f7741c2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1300
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1008543156/ 3 KB
2 KB 82ms
46ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1008543156/?random=1704535359552&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&bttype=purchase&auid=1916853785.1704535360&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

06cd2f85d492d7febb1c0841bb502feaeb8dec1f45cfa981f062ea18c9493765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1692
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/20663921/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

26ms
26ms

Script
application/javascript

65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:36:49 GMT
content-encoding: gzip
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 12388
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 8xrqYp7OtryMn1-zgRaaj2r6UpZOz6XyWQfYveSbqavwG3lSAClmow==

Redirect headers

date: Sat, 06 Jan 2024 10:02:39 GMT
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: XyqXt5klxwzMKXKcNQbRDdQiBrGW66ecBOOROB0HgjLVzmb3lqAMaQ==

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 237 KB
63 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/187307e1-8c37-4991-9aaa-71c2299dcc50.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e52de34ed636085ead8598c90ef5ac802d5cd018542099e4d15e6aad41c07ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 6268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 05 Jan 2024 20:13:36 GMT
server: cloudflare
etag: W/"4c1401c852c2c2cc476f10fe6fc44c9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=214FR%2B2hL1yDiPL31t07TmbZDVa4c%2FFkykzqPNVWFDCdBlrrmLA8C90KoKZn2ygi%2F%2FzDYvgFpyd3CJh%2BTlZfQ%2BSwhUww6VvSYcOU1ncQuyHSXMMcRI4EX4tGxSrpNzIWGBgrlx6c9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8413206d39982c29-FRA
x-amz-cf-id: 2YL8AuWJKxqXVxaQHm_Jqmt121zP9OtKvGXLK0z7ZPzXW_aN-Va7lA==

GET
H2 200 pmk-20220605.3.js Show response
pm-widget.taboola.com/diariodonordeste-diariodonordeste/ 79 KB
22 KB 37ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/diariodonordeste-diariodonordeste/pmk-20220605.3.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/diariodonordeste-diariodonordeste/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85d47174e25b459f63b552a828429a8fdfc0c0f92c9506098ca5e3685b9d7ed0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: pSbDLMfkakxCvOMNDWiYBlgszh1UGlZr
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:39 GMT
x-amz-request-id: 9ZN9G3XWH5KXFX43
age: 179445
x-cache: HIT
content-length: 22194
x-amz-id-2: +rN46Tbl1spTR+r+x9AnsPSE8ifBQ1DUnBm/ZyLD6cWiOky+V5NvpaftMciPnItNEmUD9NNXZIU=
x-served-by: cache-fra-eddf8230025-FRA
last-modified: Fri, 29 Sep 2023 10:44:19 GMT
server: AmazonS3
x-timer: S1704535360.588277,VS0,VE0
etag: "d7fcc5be7a092b7e78615ca8b1975441"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 878F 358 KB
47 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 878F 52 KB
16 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 878F 322 KB
96 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 878F 2 MB
771 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 4D6A 358 KB
46 KB 34ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 4D6A 52 KB
16 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 4D6A 322 KB
96 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 4D6A 2 MB
771 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 1C04 358 KB
46 KB 53ms
51ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1C04 52 KB
16 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 1C04 322 KB
96 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1C04 2 MB
771 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 0
68 B 277ms
17ms Image
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/notify-impression?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=288456001403936810&page.template=home&page.dashboard=home
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230051-FRA
tbl-x-upstream: 10.44.219.141:80
date: Sat, 06 Jan 2024 10:02:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1704535360.827182,VS0,VE10
x-cache: MISS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 878F 15 KB
15 KB 49ms
15ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 124543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 878F 15 KB
15 KB 52ms
19ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 395108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4D6A 15 KB
16 KB 36ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 124543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4D6A 15 KB
15 KB 43ms
13ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 395108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C04 15 KB
15 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 124543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C04 15 KB
15 KB 43ms
17ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 395108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 43ms
13ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 296216
expires: 60

GET
H2 200 json Show response
trc.taboola.com/diariodonordeste-diariodonordeste/trc/3/ 40 KB
11 KB 349ms
340ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariodonordeste-diariodonordeste/trc/3/json?tim=11%3A02%3A39.637&lti=deflated&data=%7B%22id%22%3A597%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704368680019%2C%22vi%22%3A1704535359635%2C%22cv%22%3A%2220240104-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9307%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-a-home%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A9275.203125%2C%22mw%22%3A1248%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a-home%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f92e402d204f3b17da498cee03947944b6b23a3b2410c97b206f7e784087298

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 335
date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.5239583333333333
x-fastly-to-nlb-rtt: 7298
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230051-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1704535360.646247,VS0,VE335
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38571
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 04 Jan 2025 23:19:48 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
267 B 36ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3DESQCJNQ5&gtm=45je4130v871351496z871506129&_p=1704535359438&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=16618184.1704535360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704535359&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3243
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
267 B 57ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3DESQCJNQ5&cid=16618184.1704535360&gtm=45je4130v871351496z871506129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3DESQCJNQ5&cid=16618184.1704535360&gtm=45je4130v871351496z871506129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=24634849

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 7ms
7ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9631563
x-cache: MISS, HIT
content-length: 33357
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230139-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704535360.715156,VS0,VE0
etag: W/"28feccc0-1787d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 0, 334830

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
222 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=306484568&t=pageview&_s=1&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=55229268&gjid=37316134&cid=16618184.1704535360&tid=UA-41498495-1&_gid=1011405019.1704535360&_r=1&_slc=1&gtm=45He4130n715XXKK2v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=776429482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pushnews-sw.js Show response
diariodonordeste.verdesmares.com.br/ 95 B
804 B 646ms
425ms Fetch
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-cache-rule: YES with ttl: 3600.000 /pushnews-sw.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 3390
etag: W/"95-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H2 200 842108531251252 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/842108531251252?v=2.9.139&r=stable&domain=diariodonordeste.verdesmares.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8df4928a6d83ecb898c23be4498546932ca8866f2f6d5d4507d708d996432427

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 10:02:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35118
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: yNiJv0tfJA8tPz9A+pB6Leh/3rwSFyOmbf6Dlp9BDirmBZq9UV0ZS0Y7rQHoKG/2A2JONWup1UN+pbMLrH3iHg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1008543156/ 42 B
455 B 42ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1008543156/?random=1704535359550&cv=11&fst=1704535200000&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&fmt=3&is_vtc=1&cid=CAQSGwAvHhf__0yQjh8ch5TmWgp8XPuMfg1wTcBkgA&random=1821902941&rmt_tld=0&ipr=y

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1008543156/ 42 B
154 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008543156/?random=1704535359550&cv=11&fst=1704535200000&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&fmt=3&is_vtc=1&cid=CAQSGwAvHhf__0yQjh8ch5TmWgp8XPuMfg1wTcBkgA&random=1821902941&rmt_tld=1&ipr=y

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1008543156/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
64 B

26ms
25ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=1916853785.1704535360&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVlBWnZ4MjRIMEg0QXRDT0d0Z01MbzFVMzdzcE9Ya1pyT1JVOTV4OU4wdElBa29pb09zLWcaWENoQUlnSkhrckFZUV8tdllsTkxZMXYwUEVpNEFUMUR3U2tVTl9KZ2hSTTJjWm50T2hOWWFEczdqX2ZJT3JYUFlaT3RJVVpPUWRWXzVuQlpSeWJ1YWsxZUgiEwilv_eEwciDAxXIyDsCHReCC58&is_vtc=1&ocp_id=PyWZZeWjJciR78EPl4Su-Ak&cid=CAQSKQAvHhf_YUBfpSCmAR9bzLpVuHYldQfC_l81gKY2Soq7kKMCOwXm0VKn&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8LMjGxC4oCenCo8VHVjCQVpDGxSSAehKoQ&random=58926237&ipr=y

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1008543156/?random=693103608&cv=11&fst=1704535359552&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=1916853785.1704535360&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVlBWnZ4MjRIMEg0QXRDT0d0Z01MbzFVMzdzcE9Ya1pyT1JVOTV4OU4wdElBa29pb09zLWcaWENoQUlnSkhrckFZUV8tdllsTkxZMXYwUEVpNEFUMUR3U2tVTl9KZ2hSTTJjWm50T2hOWWFEczdqX2ZJT3JYUFlaT3RJVVpPUWRWXzVuQlpSeWJ1YWsxZUgiEwilv_eEwciDAxXIyDsCHReCC58&is_vtc=1&ocp_id=PyWZZeWjJciR78EPl4Su-Ak&cid=CAQSKQAvHhf_YUBfpSCmAR9bzLpVuHYldQfC_l81gKY2Soq7kKMCOwXm0VKn&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8LMjGxC4oCenCo8VHVjCQVpDGxSSAehKoQ&random=58926237&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
430 B 151ms
139ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=82438&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a0c4973b9936ef16e16e158976bb69a034574dd2fea780fe8b295040a2f683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 8413206eae549bf2-FRA
expires: Sat, 06 Jan 2024 11:02:39 GMT

GET
H2 200 p-b9c201a0.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 12 KB
6 KB 807ms
449ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-b9c201a0.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4228a95f9d422888250bb0c0805b910108a2f8b7bf16ca46b614ac8e3048dea5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/web-components.esm.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-b9c201a0.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 3564
etag: W/"12356-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:40 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4D6A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

14ms
14ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b729ccaacf256c2286bdb492ca764d67afa3f4fe6df6e57afd42857a491271a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 Jan 2024 10:02:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4D6A 29 B
495 B 35ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:54:13 GMT
x-content-type-options: nosniff
age: 506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 10:09:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
12ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41498495-1&cid=16618184.1704535360&jid=55229268&gjid=37316134&_gid=1011405019.1704535360&_u=YADAAEAAAAAAACAAI~&z=1574981816

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 06 Jan 2024 10:02:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 878F 113 B
159 B 15ms
15ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3049590b860367cf285608039355cff6a58d1c9cbd2e75c24ee80a02fffb88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 878F 29 B
89 B 20ms
8ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:54:13 GMT
x-content-type-options: nosniff
age: 506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 10:09:13 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 42ms
16ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4D6A 87 KB
40 KB 24ms
24ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb04c699207c71f62595ca1cdbafe6886e08a16ee1da9dc09f9e3a23c1ff63ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40880
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 4D6A 116 KB
33 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 4D6A 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:15:54 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/2pR204OZkqw/ Frame 4D6A 17 KB
17 KB 33ms
10ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/2pR204OZkqw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fa506cbf6bc4d331c1041a54489d78e9c9e3e79b17364444e86ac3455760775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 6397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16990
x-xss-protection: 0
server: sffe
etag: "1703873332"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:16:02 GMT

GET
DATA 200
OK truncated
/ Frame 4D6A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4D6A 2 KB
2 KB 33ms
9ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 12472
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 1C04 113 B
159 B 15ms
15ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76408789ba2c837b7bed919cbe306da5e4bf9dd80e53e661d3c0ee475b4ec745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1C04 29 B
89 B 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:54:13 GMT
x-content-type-options: nosniff
age: 506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 10:09:13 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:39 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 878F 86 KB
40 KB 29ms
28ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d47b75592203f10a10656d5b479be62cb32159fd15287665d1074980612bd12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40477
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 878F 116 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 878F 50 KB
19 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:15:54 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/QapS58_46_U/ Frame 878F 53 KB
53 KB 23ms
21ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/QapS58_46_U/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e193e694bd5cb3b61e7c7a0a51f37e2422326b5363ee1081cd4904893f7ceee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53934
x-xss-protection: 0
server: sffe
etag: "1704401534"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:07:40 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 40ms
37ms Image
text/plain 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20663921&cs_fpcu=d4d270e25ab1401eb7884afbcc56ac76&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1704535360016&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&c8=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&c9=
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: gazXE3mTCPNQeSgFx_AJ84vPv2HhCB5CqDjPwLxAeV5k0um4XG91jw==
x-cache: Miss from cloudfront

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41498495-1&cid=16618184.1704535360&jid=55229268&_u=YADAAEAAAAAAACAAI~&z=429778828

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41498495-1&cid=16618184.1704535360&jid=55229268&_u=YADAAEAAAAAAACAAI~&z=429778828

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 878F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 878F 3 KB
3 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f602f9a56289339e05c21b93cca562e0314d1eb293a8304ae5ce18803470992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:18:26 GMT
x-content-type-options: nosniff
age: 9854
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 07:18:26 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1C04 87 KB
40 KB 25ms
25ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

421996e40f24642bd6c4bdc006a48180e1e6fb30eeaaebba569843917bba6199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40723
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1C04 116 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 1C04 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:15:54 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/OsCp2pYT2_A/ Frame 1C04 19 KB
19 KB 18ms
18ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/OsCp2pYT2_A/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cf50d044cad2c23d11f7fa39888aedfccfa55f337df706b54b2cca7cb736e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19206
x-xss-protection: 0
server: sffe
etag: "1704316711"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:07:40 GMT

GET
DATA 200
OK truncated
/ Frame 1C04 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1C04 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 12473
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 11ms
6ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9631565
x-cache: HIT, HIT
content-length: 3063
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230139-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704535360.128868,VS0,VE0
etag: W/"28feccc0-1c1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 339065

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
5ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=842108531251252&ev=PageView&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&rl=&if=false&ts=1704535360128&sw=1600&sh=1200&v=2.9.139&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1704535360127.309122595&ler=empty&it=1704535359758&coo=false&tm=1&rqm=GET

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 Jan 2024 10:02:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 explore-more.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 20ms
10ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13f016fc35d3cf152e8f989d05935bb90c6d1073c83611f04e908eef09229064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: OOh4HsR59TIhrSya6Xm.I0scTRIhPVyd
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:40 GMT
x-amz-request-id: Z0HFJ5S4BZV34WB9
age: 168851
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7706
x-amz-id-2: HnopnK2Lseq0t7U+kJSt5Cw4OaU0n8dsxRkJ3nDowR+I04hGXuwYQ2iQQdoWm2Fd2PpfY0S/2e4=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 11:08:29 GMT
server: AmazonS3
x-timer: S1704535360.167312,VS0,VE0
etag: "a09e51c1496e0751b14b02309cd89e26"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 156482

GET
H2 200 feed-card-placeholder.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 19ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: fMi2KLEulvb_uusjzoVCBQ4IFfzO1Ulw
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:40 GMT
x-amz-request-id: M57S5QXV1PXKNBKX
age: 168853
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: ggjGtwnj1WksZd82CjsC2OlYj84BWk5S+tBzDE5CScYqv90iHnaDESPly8ER+qLbIODyRfi/LQo=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 11:08:27 GMT
server: AmazonS3
x-timer: S1704535360.167270,VS0,VE0
etag: "4f50a068fa248996321f367dcf8c7f52"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 295013

GET
H2 200 userx.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 12ms
12ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: gXOZGBIlMChbQZN6H7nE1LNB2AO93v3U
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:40 GMT
x-amz-request-id: F1ZD2VYC8QFH971Y
age: 168878
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: gx4ng7+bTsAm4ODLdQe3sI+AzSKHBAMrUNH90IQJaZNVMTTJ9oG0UduFtSy3T3jsv9r7vhnmOPY=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 11:08:01 GMT
server: AmazonS3
x-timer: S1704535360.177724,VS0,VE0
etag: "68f394774f9800b001f1f78014cbbc4d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 87
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 65147

GET
H2 200 distance-from-article.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
2 KB 12ms
11ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Qjywn6cL5rejK9hcls5CfyNwwPETx_4o
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:40 GMT
x-amz-request-id: A7D32QHR9ZV52T20
age: 168847
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: 2bB+XuiJm2PXVLITkoL2Y91LwGtlTENsoT/YOiRvkb1OkkGDql/3fRyTaYfvHLqbSaVl4ZJAUD0=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 11:08:34 GMT
server: AmazonS3
x-timer: S1704535360.177722,VS0,VE0
etag: "c5488a1b33b1d8b5475b133202fefc5b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 88
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 325375

GET
H2 200 article-detection.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 11ms
11ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: rtc13dlxVVo9rGRt2uFsgEX7ziYl68I4
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:40 GMT
x-amz-request-id: NAVHYEWK7F97QFN8
age: 168839
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: Q1TIy38Of8/Ub7Xy/mSpZbGkaz9ja6BvZnrLmWtJlt0wGjAyXfQ2Yxbt/ySYmJzeiHyyQAS9q9M=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 11:08:40 GMT
server: AmazonS3
x-timer: S1704535360.177685,VS0,VE0
etag: "d1831c6c3ea7334404ec31ce08af0eaa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 325181

GET
H2 204 supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 62ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&tvi2=9516&tvi48=10143&tvi50=9058&lti=deflated&ri=f225b807e052a25079274418d4861246&sd=v2_eddf455589f7c74df3375ccbaea03ea7_27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf_1704535359_1704535359_CNawjgYQ9aJBGJOB5vHNMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf&pi=/&wi=-1502375787747636427&pt=text&vi=1704535359635&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A02%3A40.154&id=7115&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
231 B 61ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&tvi2=9516&tvi48=10143&tvi50=9058&lti=deflated&ri=f225b807e052a25079274418d4861246&sd=v2_eddf455589f7c74df3375ccbaea03ea7_27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf_1704535359_1704535359_CNawjgYQ9aJBGJOB5vHNMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf&pi=/&wi=-1502375787747636427&pt=text&vi=1704535359635&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1704535360162%7D&tim=11%3A02%3A40.162&id=9752&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4D6A 90 B
134 B 18ms
17ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b140845d397dfaea19e05f7175ada4318dab24e78bd4fe254d2230dc25f1122b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 878F 90 B
134 B 19ms
18ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc44c76e8cb0dc7a59dc85c1ddfd177dc89b62dfa4dbab00f5090035822fdab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 204 social
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/social?route=AM:AM:V&tvi2=9516&tvi48=10143&tvi50=9058&lti=deflated&ri=f225b807e052a25079274418d4861246&sd=v2_eddf455589f7c74df3375ccbaea03ea7_27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf_1704535359_1704535359_CNawjgYQ9aJBGJOB5vHNMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf&pi=/&wi=-1502375787747636427&pt=text&vi=1704535359635&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2Fimage%2Fcontentid%2Fpolicy%3A1.3065338%3A1616776792%2Fimage.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=11%3A02%3A40.306&id=7157&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&tvi2=9516&tvi48=10143&tvi50=9058&lti=deflated&ri=f225b807e052a25079274418d4861246&sd=v2_eddf455589f7c74df3375ccbaea03ea7_27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf_1704535359_1704535359_CNawjgYQ9aJBGJOB5vHNMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf&pi=/&wi=-1502375787747636427&pt=text&vi=1704535359635&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1704535360311%7D&tim=11%3A02%3A40.311&id=8844&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462596%3A1704301... 73 KB
73 KB 107ms
101ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462596%3A1704301900/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd0c73fc87b4a6543216ba56b87ac212d69190f5e104007b686c0eb72273b86f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462596%3A1704301900/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 162806
edge-cache-tag: 320490419336249762014449756846220956681,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 320490419336249762014449756846220956681,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1355
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 74446
x-request-id: 3f508defbcad01620dc5ea5eb732114d
x-served-by: cache-iad-kjyo7100137-IAD, cache-iad-kiad7000104-IAD, cache-lax-kwhp1940100-LAX, cache-iad-kjyo7100040-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 04 Jan 2024 11:07:51 GMT
server: nginx
surrogate-reporting: width=800,height=400,bytes=48660,owidth=800,oheight=526,obytes=57815,ef=(1,13,17,23,30)
x-timer: S1704535360.326370,VS0,VE90
etag: "17594bfb90bbc5e9b7b67c5aa49c2e83"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 3, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462944%3A1704376... 118 KB
119 KB 107ms
101ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462944%3A1704376335/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b77fdea591c9b7a26a805e79838f20f907439c54073dd9644bd49f2bfa2c41c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462944%3A1704376335/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 153838
edge-cache-tag: 431328512541043691862351960872234093009,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 431328512541043691862351960872234093009,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1867
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 120458
x-request-id: 20d7c0128980f7887cccee4be8e131cc
x-served-by: cache-iad-kiad7000025-IAD, cache-iad-kiad7000036-IAD, cache-ewr18182-EWR, cache-iad-kjyo7100030-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 04 Jan 2024 15:11:35 GMT
server: nginx
surrogate-reporting: width=1120,height=560,bytes=104263,owidth=1120,oheight=630,obytes=111816,ef=(1,13,17,23,30)
x-timer: S1704535360.326062,VS0,VE89
etag: "74e84c5b9c77b29da5601001f1199a4a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461490%3A1703963... 67 KB
69 KB 2460ms
2454ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461490%3A1703963694/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 329cc30fe3310b74c61d8d1d8d4ff96f4ccc01438e6fe3a18e0d7f6d1ec01afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 2447
date: Sat, 06 Jan 2024 10:02:42 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461490%3A1703963694/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 569930
edge-cache-tag: 398255035248016370066181733731233798000,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 398255035248016370066181733731233798000,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time: 2339
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 69108
x-request-id: 98fbeb08ad9fa0d4d54c2335c6ef1831
x-served-by: cache-iad-kjyo7100026-IAD, cache-iad-kcgs7200152-IAD, cache-ewr18159-EWR, cache-iad-kjyo7100080-IAD, cache-fra-eddf8230051-FRA
last-modified: Sat, 30 Dec 2023 19:32:11 GMT
server: nginx
surrogate-reporting: width=612,height=306,bytes=34733,owidth=612,oheight=630,obytes=53695,ef=(1,13,17,23,30)
x-timer: S1704535360.326382,VS0,VE2447
etag: "db4a72efc5ae821b7fa935bf8f52a1a0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463609%3A1704481... 49 KB
50 KB 101ms
95ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463609%3A1704481976/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cbf10b6e772fffeafd4d21eff50263dcb73c1478f7befa02c0f594c6e90990f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463609%3A1704481976/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 48900
edge-cache-tag: 380042026552857649204390250911301229803,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380042026552857649204390250911301229803,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 2430
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 50196
x-request-id: b23803f3906b63cd46d12f99f767732a
x-served-by: cache-iad-kcgs7200035-IAD, cache-iad-kiad7000146-IAD, cache-lga21920-LGA, cache-iad-kiad7000175-IAD, cache-fra-eddf8230051-FRA
last-modified: Fri, 05 Jan 2024 20:22:48 GMT
server: nginx
surrogate-reporting: width=945,height=472,bytes=44854,owidth=945,oheight=630,obytes=61691,ef=(1,13,17,23,30)
x-timer: S1704535360.326033,VS0,VE88
etag: "2011dad46846f19035672b97c362d10f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 5, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461674%3A1704042006/ 47 KB
47 KB 102ms
97ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461674%3A1704042006/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 65ed0ac6db685fbaeb6f5307408b86bd15ca562e4c54ee0497cce3e9b39b61ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461674%3A1704042006/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 490985
edge-cache-tag: 568847774683264977179517097841069021626,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568847774683264977179517097841069021626,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 2159
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 47752
x-request-id: 3a4caa1a5b8d7b83b47cfc9cfe9e2eb5
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kjyo7100114-IAD, cache-lax-kwhp1940104-LAX, cache-iad-kcgs7200107-IAD, cache-fra-eddf8230051-FRA
last-modified: Sun, 31 Dec 2023 17:36:32 GMT
server: nginx
surrogate-reporting: width=1080,height=540,bytes=78898,owidth=1080,oheight=608,obytes=86465,ef=(1,13,17,23,30)
x-timer: S1704535360.325723,VS0,VE89
etag: "98a33c73dc136dae5585ee99c6772d01"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 0

GET
H2 200 5eb2f0c1db69a5dab54546204e8735fa.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 13ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5eb2f0c1db69a5dab54546204e8735fa.png
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cd1f2b7cb3a442cec867c8c7668f58760fcfaba0788853123e3eb412d6d0c013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5eb2f0c1db69a5dab54546204e8735fa.png
age: 335939
edge-cache-tag: 327408731868651128491135486250504595307,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 327408731868651128491135486250504595307,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 405
req-referer: https://bergsteiger.de/
content-length: 48862
x-request-id: 81158c65806931e8ad83f49d02a8594e
x-served-by: cache-iad-kcgs7200123-IAD, cache-iad-kiad7000049-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230051-FRA
last-modified: Mon, 11 Sep 2023 18:04:15 GMT
server: nginx
surrogate-reporting: width=1920,height=1066,owidth=1920,oheight=1080,obytes=1464430
x-timer: S1704535360.326337,VS0,VE1
etag: "fd0895ee858667ccb545d86ee2415349"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2755, 1

GET
H2 200 9a96abc98754ebe8d087151238a9a2c1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 47 KB
47 KB 8ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a96abc98754ebe8d087151238a9a2c1.png
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ed779556ae5add346be6777fa0b699e26338ed43431d6e0d7afbaeaa8d14096d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a96abc98754ebe8d087151238a9a2c1.png
age: 6171820
edge-cache-tag: 467083407997049076178546105488703808315,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 467083407997049076178546105488703808315,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 316
req-referer: https://www.t-online.de/
content-length: 47766
x-request-id: 0b784f80dcc0618148abb2b69d23681f
x-served-by: cache-iad-kiad7000102-IAD, cache-iad-kjyo7100077-IAD, cache-sna10746-LGB, cache-iad-kjyo7100034-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 28 Sep 2023 17:51:32 GMT
server: nginx
surrogate-reporting: width=1920,height=1066,bytes=215549,owidth=1920,oheight=1080,obytes=493409
x-timer: S1704535360.340000,VS0,VE1
etag: "ab4b3000322f093112791b352f3011fd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461817%3A1704081373/ 17 KB
18 KB 110ms
109ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461817%3A1704081373/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c81ce8799960f3a709e9172e9aa347f726e3f780748fb3cdd4598a358ba8ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 103
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461817%3A1704081373/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 453196
edge-cache-tag: 492692888391147378587719743465215153794,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492692888391147378587719743465215153794,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1308
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 17466
x-request-id: a3fe6e4429c41c8f63634b4fe12e3cb6
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kcgs7200080-IAD, cache-lga21949-LGA, cache-iad-kcgs7200038-IAD, cache-fra-eddf8230051-FRA
last-modified: Mon, 01 Jan 2024 04:09:25 GMT
server: nginx
surrogate-reporting: width=320,height=177,bytes=8852,owidth=320,oheight=189,obytes=9491,ef=(1,13,17,23,30)
x-timer: S1704535360.349818,VS0,VE103
etag: "529415c8cc38ecd22726a5cfaf918945"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 4, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461178%3A1704116564/ 47 KB
47 KB 95ms
94ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461178%3A1704116564/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 587086d17db8d71c28d41a899a09056553c0d7f4b700013f9fe009105eb513a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461178%3A1704116564/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 417549
edge-cache-tag: 603330968513577893432016000011558721228,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603330968513577893432016000011558721228,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 1847
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 47652
x-request-id: 5e4bf7cd1ac4adca028abdc7ffd7f22a
x-served-by: cache-iad-kjyo7100132-IAD, cache-iad-kjyo7100147-IAD, cache-lga21933-LGA, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230051-FRA
last-modified: Mon, 01 Jan 2024 14:02:44 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=90039,owidth=1000,oheight=588,obytes=86426,ef=(1,13,17,23,30)
x-timer: S1704535360.422983,VS0,VE88
etag: "5c2a669c6e0ab40ac929baf6652f9ffc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461843%3A1704108371/ 15 KB
15 KB 96ms
96ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461843%3A1704108371/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a9fcb7f7194e241e1c52bfdf85a240636f34e86dc4d7509b1df258d16560c71f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461843%3A1704108371/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 425576
edge-cache-tag: 368434168608310518247861426061473424032,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 368434168608310518247861426061473424032,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1977
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 14876
x-request-id: ace5d56f3d7b8c57822963b69f728d46
x-served-by: cache-iad-kiad7000088-IAD, cache-iad-kiad7000078-IAD, cache-lga21946-LGA, cache-iad-kjyo7100131-IAD, cache-fra-eddf8230051-FRA
last-modified: Mon, 01 Jan 2024 11:49:19 GMT
server: nginx
surrogate-reporting: width=1121,height=622,bytes=44768,owidth=1121,oheight=630,obytes=45054,ef=(1,13,17,23,30)
x-timer: S1704535360.427173,VS0,VE89
etag: "74f046a15cb1972cfd47ef9b20e92c33"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 15, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462534%3A1704287364/ 21 KB
22 KB 96ms
95ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462534%3A1704287364/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: de2780a7bde3db593adb04011d410b9974b2dbbb78da1a763a199b2bd9b23370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462534%3A1704287364/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 247259
edge-cache-tag: 554845742496245508042681938201737892181,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 554845742496245508042681938201737892181,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 357
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 21726
x-request-id: c60a65f78faea139ceabfe6c4340c8aa
x-served-by: cache-iad-kjyo7100137-IAD, cache-iad-kcgs7200175-IAD, cache-ewr18164-EWR, cache-iad-kiad7000097-IAD, cache-fra-eddf8230051-FRA
last-modified: Wed, 03 Jan 2024 13:21:41 GMT
server: nginx
surrogate-reporting: width=822,height=457,bytes=29413,owidth=828,oheight=457,obytes=26754,ef=(1,13,17,23,30)
x-timer: S1704535360.431199,VS0,VE88
etag: "77c5559cad34ffd06e9404751e57efdb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 9, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462789%3A1704323992/ 16 KB
17 KB 94ms
94ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462789%3A1704323992/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ccae3634b916cd27bad22898ced70740673436254149c8926442c529fe3970c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462789%3A1704323992/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 210238
edge-cache-tag: 482618186716721075037580651620958846959,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 482618186716721075037580651620958846959,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 871
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 16510
x-request-id: e618afb94bc9d9d1dfe468327b013e23
x-served-by: cache-iad-kiad7000117-IAD, cache-iad-kiad7000050-IAD, cache-lga21981-LGA, cache-iad-kiad7000050-IAD, cache-fra-eddf8230051-FRA
last-modified: Wed, 03 Jan 2024 23:38:43 GMT
server: nginx
surrogate-reporting: width=640,height=355,bytes=17864,owidth=640,oheight=360,obytes=15299,ef=(1,13,17,23,30)
x-timer: S1704535360.431328,VS0,VE88
etag: "e36835dae965aecde80fe640a23cb538"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 0

GET
H2 200 02c08477a6eb4ee9fffa6d785c0a224c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
45 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c08477a6eb4ee9fffa6d785c0a224c.png
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 907e1ac58009554a727e701840e9696681909c0e172a56b9fc374c60694d1eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/02c08477a6eb4ee9fffa6d785c0a224c.png
age: 1710799
edge-cache-tag: 329393162420133317008719091510827925068,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 329393162420133317008719091510827925068,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 225
req-referer: https://www.t-online.de/
content-length: 45604
x-request-id: 82130f7a5b36f7e694e7b30a6d0e0ced
x-served-by: cache-iad-kiad7000160-IAD, cache-iad-kjyo7100157-IAD, cache-lax-kwhp1940108-LAX, cache-iad-kjyo7100130-IAD, cache-fra-eddf8230051-FRA
last-modified: Mon, 04 Dec 2023 11:26:12 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=62634,owidth=1000,oheight=600,obytes=1001768
x-timer: S1704535360.460421,VS0,VE1
etag: "4e28b7d9ad00137820ab170cbfcbe16d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 1eee81d701c05844e02db99fff7fbd7c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 74 KB
75 KB 7ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eee81d701c05844e02db99fff7fbd7c.jpg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 96b4d29d3627f922eb4b4ab1e0eca97a6901c4ddbd60cb07bae3da92a7b51361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eee81d701c05844e02db99fff7fbd7c.jpg
age: 1385016
edge-cache-tag: 487465816551590943384933345663553894456,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 487465816551590943384933345663553894456,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 166
req-referer: https://www.unsere-helden.com/
content-length: 76208
x-request-id: f7916760a77e8e3a395931d6b051073c
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kiad7000124-IAD, cache-lga21921-LGA, cache-iad-kjyo7100172-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 21 Dec 2023 07:57:40 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=106760,owidth=1000,oheight=560,obytes=620910,ef=(1,13,17,23,30)
x-timer: S1704535360.470932,VS0,VE0
etag: "45750986e3560eb783b40ee437306304"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 5

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463022%3A1704390816/ 17 KB
18 KB 98ms
98ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463022%3A1704390816/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5a82cf176460d8f3e38314e8d67b127af58cd452ec8c399c5c562a7639242fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463022%3A1704390816/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 143690
edge-cache-tag: 295381966859447359122420846035056937086,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 295381966859447359122420846035056937086,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 1047
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 17472
x-request-id: 0c5edf169dcd43d35af966fcd822bd55
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kjyo7100030-IAD, cache-lga21939-LGA, cache-iad-kjyo7100106-IAD, cache-fra-eddf8230051-FRA
last-modified: Thu, 04 Jan 2024 18:01:51 GMT
server: nginx
surrogate-reporting: width=729,height=405,bytes=19457,owidth=729,oheight=630,obytes=29738,ef=(1,13,17,23,30)
x-timer: S1704535360.479313,VS0,VE92
etag: "b943fc2bbc778c37bb50d95a83b2d32e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461517%3A1703967108/ 45 KB
46 KB 97ms
96ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461517%3A1703967108/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98a8ca3023f8c8ff492beb3a86a9a47027cd2aa7f930649f134eeb4575f4df20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 06 Jan 2024 10:02:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461517%3A1703967108/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 567268
edge-cache-tag: 309079665126085207616900919020717571256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 309079665126085207616900919020717571256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 1242
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 46176
x-request-id: 2075627ae1edb05ea19700fa98978979
x-served-by: cache-iad-kcgs7200044-IAD, cache-iad-kiad7000070-IAD, cache-lax-kwhp1940084-LAX, cache-iad-kjyo7100135-IAD, cache-fra-eddf8230051-FRA
last-modified: Sat, 30 Dec 2023 20:28:13 GMT
server: nginx
surrogate-reporting: width=504,height=280,bytes=25859,owidth=504,oheight=630,obytes=47263,ef=(1,13,17,23,30)
x-timer: S1704535361.518867,VS0,VE90
etag: "d7d574bc3d2a71d8c057056584901776"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 15, 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
100 B 155ms
137ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=13ee08865b2500c51ef0db623c10%7C0&acc=82438&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84132072386d9bf2-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85597914715
https://sync2.navdmp.com/sync?prtid=2&id=85597914715&google_gid=CAESELRCiSL-0lqk6bfvMph-Msc&google_cver=1

6 B
57 B

151ms
134ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=85597914715&google_gid=CAESELRCiSL-0lqk6bfvMph-Msc&google_cver=1
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413207298969bf2-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=85597914715&google_gid=CAESELRCiSL-0lqk6bfvMph-Msc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=954b6599-2540-4500-a121-450832876a99

43 B
129 B

154ms
137ms

Image
image/gif

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=954b6599-2540-4500-a121-450832876a99
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 8413207349119bf2-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Sat, 06 Jan 2024 10:02:40 GMT
Server: MT3 1237 600843f master iad iad-pixel-x16 config_version:"2224"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=954b6599-2540-4500-a121-450832876a99
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sat, 06 Jan 2024 10:02:39 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
87 B

27ms
10ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 344
content-language: en

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1C04 90 B
134 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bb0e144dd92af0b94ff49afd1c39fc61489ab44828aedf469cb7d1a38815ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 204 debug
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/ 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/debug?tim=11%3A02%3A40.390&type=usage&msg=image_utils-event-1704535360390&llvl=2&id=2269&cv=20240104-7-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~-6307303473066497564~~V8fW_k1uoWV3%22%2C%22isCropping%22%3Atrue%7D
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13860

GET
H2 200 CAPA%20050124.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/ 41 KB
42 KB 1889ms
253ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5276824bcd884e7f39035f625c3748a07c3c10748054717a4b202e5071eec07d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1094
x-original-image-height: 1600
x-rendered-image-height: 496
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b
server: gocache
etag: W/"policy:1.3463729:1704509731"
x-rendered-image-width: 339
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 com.atex.gong.paywall.membership.js Show response
diariodonordeste.verdesmares.com.br/js/ 6 KB
2 KB 1246ms
374ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/js/com.atex.gong.paywall.membership.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

494ef673cae9df9d1c8e677e6c24c99241f709a9ef150373687ad20d18500881

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
x-cache-rule: YES with ttl: 3600.000 /js/com.atex.gong.paywall.membership.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 395
etag: W/"5908-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4D6A 4 KB
2 KB 62ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 10:02:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 08:41:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 10:02:40 GMT

GET
H2 200 spa-detector.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1019 B 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3122a2ad14078e833656ac1de950aa8a449c3705d95a21d7be14e88404baa0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: dH7KykjsDOtMF4968naM8YrCtA.6n8jh
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 10:02:40 GMT
x-amz-request-id: MVJ2BNQT5KRA585M
age: 168867
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 778
x-amz-id-2: Cw2CEUdGekkJs7bkleLkcnmuTWJB6DPNiPWae3rEpUn16rXMHetjXt+oNWtNrv30V72AOMrS0kQ=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Thu, 04 Jan 2024 11:08:13 GMT
server: AmazonS3
x-timer: S1704535360.421583,VS0,VE0
etag: "3210ec7d0e68e288fb9d371bdb54a214"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 160012

GET
H2 204 supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 18ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&tvi2=9516&tvi48=10143&tvi50=9058&lti=deflated&ri=f225b807e052a25079274418d4861246&sd=v2_eddf455589f7c74df3375ccbaea03ea7_27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf_1704535359_1704535359_CNawjgYQ9aJBGJOB5vHNMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf&pi=/&wi=-1502375787747636427&pt=text&vi=1704535359635&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A02%3A40.417&id=4058&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&tvi2=9516&tvi48=10143&tvi50=9058&lti=deflated&ri=f225b807e052a25079274418d4861246&sd=v2_eddf455589f7c74df3375ccbaea03ea7_27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf_1704535359_1704535359_CNawjgYQ9aJBGJOB5vHNMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf&pi=/&wi=-1502375787747636427&pt=text&vi=1704535359635&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A02%3A40.418&id=7083&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&tvi2=9516&tvi48=10143&tvi50=9058&lti=deflated&ri=f225b807e052a25079274418d4861246&sd=v2_eddf455589f7c74df3375ccbaea03ea7_27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf_1704535359_1704535359_CNawjgYQ9aJBGJOB5vHNMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf&pi=/&wi=-1502375787747636427&pt=text&vi=1704535359635&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1704535360418%7D&tim=11%3A02%3A40.418&id=1891&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 878F 4 KB
2 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 10:02:40 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4D6A 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Sx3ehA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1C04 4 KB
2 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 10:02:40 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 878F 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?zIARTg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 1C04 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?1WpMkg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 4D6A 50 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 878F 50 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 1C04 50 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

POST
H2 204 bulk Show response
trc.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
366 B 18ms
17ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariodonordeste-diariodonordeste/log/3/bulk?tvi2=9516&tvi48=10143&tvi50=9058&route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
date: Sat, 06 Jan 2024 10:02:41 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7518
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230051-FRA
pragma: no-cache
server: nginx
x-timer: S1704535361.326237,VS0,VE11
content-type: image/gif
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 35 KB
9 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
via: 1.1 d683afd94013f32d974236fc8b93f792.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P5
age: 4638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 03 May 2023 17:43:50 GMT
server: cloudflare
etag: W/"d83660b1645b3c67ae586e71ccd92e33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjLSt6muA5NVV%2Blx8GSC%2BfU1NNY1z%2F%2BRQmjVdA%2FP1rzJ51WaobnlgoWHAQ84HAbXiTxfJ9hKnY5yINEFtcwhqineeQWYVskS759pEXuMu2j%2BVuc20HSNKV9qzjFyW3zczIrXx5fXew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 84132078cb322c29-FRA
x-amz-cf-id: 8Fmum7qUzKeSQ0x5es5B9q5OvICot8PWMUPe6M6jFb-dS3LXPwf9gg==

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 50 B
867 B 84ms
23ms XHR
application/json 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 66

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 56ms
56ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2846208819070947&correlator=4195303635973511&eid=31077976%2C31080124%2C95320408&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CSLB1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=1&didk=2191766400&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704535361685&lmt=1704535361&adxs=250&adys=347&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=1416x0&msz=1416x0&fws=0&ohw=0&ga_vid=16618184.1704535360&ga_sid=1704535362&ga_hid=306484568&ga_fc=true&dlt=1704535358836&idt=1183&prev_scp=test%3Dlazyload&adks=3090499511&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c5dc068bdca60633a738e51593fef48bc532ae69fe1e020e6fa932106879cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12974
x-xss-protection: 0
google-lineitem-id: 6430281516
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138457937216
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ecfd3cce6a211990d3c24c85f61b6032.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 646A 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ecfd3cce6a211990d3c24c85f61b6032.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:41 GMT
expires: Sun, 05 Jan 2025 10:02:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e8n0t8ubqm Show response
www.clarity.ms/tag/ 667 B
1 KB 120ms
93ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/e8n0t8ubqm
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 08d21de8318649f614c92d704bc2c227cd6593c8c209a5dbfee70d10a9af5e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: -1
date: Sat, 06 Jan 2024 10:02:41 GMT
x-azure-ref: 20240106T100241Z-4qfur6nbbh2xt0vv003tsremf800000001e000000000cg2a
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 667
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 p.gif
diariodonordeste.verdesmares.com.br/logger/ 43 B
727 B 935ms
470ms Image
image/gif 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/logger/p.gif?d=/2.16447/2.246

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f3cd5c20a3884bd7cda8eb950adeba86736e8cbf6ae2fa7f84ece1ced383445c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: NO:Not-Cacheable
server: gocache
x-gocache-image: optimized
age: 0
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: MISS
content-type: image/gif
x-gocache-cachestatus: HIT, EXPIRED
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 150
i.pravatar.cc/ 5 KB
6 KB 375ms
277ms Image
image/jpeg 2606:4700:3034::ac43:9a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pravatar.cc/150?img=64
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2227f27555cfdda5ca407e3706a473660e40a64d3e026a961f24197066e55aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 04:09:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9763
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqPxD5peqJfsSiWES3EstMITU6w2rfr5ocuLjfSLSVRRKaQgpvHG2BuZBIUUzJDsoAyr4kn8qvtkGUIW4L7XrVggvxjEVJXEeSBZyQCfA%2FrfYiaPRJJ1e4bsv7Rav1Wrre4PAAOidFlUnyBC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8413207b4b9a0b53-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5188
expires: Mon, 11 Dec 2023 04:24:39 GMT

GET
H2 200 p-dd84f628.entry.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 1 KB
1 KB 401ms
325ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-b9c201a0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

944bd35271d7242c6a221a4ed3820216677357b9f9189a329de05fb0462df330

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-b9c201a0.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 761
etag: W/"1113-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:41 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 275ms
275ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2846208819070947&correlator=4195303635973511&eid=31077976%2C31080124%2C95320408&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CMP2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=2&didk=342283315&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704535361721&lmt=1704535361&adxs=1064&adys=6151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=16618184.1704535360&ga_sid=1704535362&ga_hid=306484568&ga_fc=true&dlt=1704535358836&idt=1183&prev_scp=test%3Dlazyload&adks=474204770&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a70e7a903299bf3d89b7f42191b7fae39f9955a27fa0dd025d45c63356798ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17800
x-xss-protection: 0
google-lineitem-id: 6465798122
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460406334
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 1777ms
1777ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2846208819070947&correlator=4195303635973511&eid=31077976%2C31080124%2C95320408&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CRET1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=3&didk=4285333354&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704535361725&lmt=1704535361&adxs=1064&adys=2415&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=16618184.1704535360&ga_sid=1704535362&ga_hid=306484568&ga_fc=true&dlt=1704535358836&idt=1183&prev_scp=test%3Dlazyload&adks=2432074750&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d41a2b36e119d29bbfe8d98af59e5fa123cb773f1fc5689af4d91de2a2fd9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11632
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
18 KB 1193ms
1193ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2846208819070947&correlator=4195303635973511&eid=31077976%2C31080124%2C95320408&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CMP1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=4&didk=3952535971&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704535361727&lmt=1704535361&adxs=1064&adys=2703&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=16618184.1704535360&ga_sid=1704535362&ga_hid=306484568&ga_fc=true&dlt=1704535358836&idt=1183&prev_scp=test%3Dlazyload&adks=1555348585&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3aa0424e9261f4956e4a3b28f57bcc89c55622eb4f235ccf27e67a6bf0122ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17953
x-xss-protection: 0
google-lineitem-id: 6450471822
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460163305
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 1500ms
1499ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2846208819070947&correlator=4195303635973511&eid=31077976%2C31080124%2C95320408&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CRET2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=5&didk=1973987726&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704535361729&lmt=1704535361&adxs=1064&adys=4632&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=16618184.1704535360&ga_sid=1704535362&ga_hid=306484568&ga_fc=true&dlt=1704535358836&idt=1183&prev_scp=test%3Dlazyload&adks=1282696665&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfc7f1b569a5d66dd642c72684d0183026d68baf513cfe2ee2418f4c78ba8547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11613
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 648 B
330 B 779ms
779ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2846208819070947&correlator=4195303635973511&eid=31077976%2C31080124%2C95320408&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CSLB2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=6&didk=1316692529&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704535361732&lmt=1704535361&adxs=250&adys=2327&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=16618184.1704535360&ga_sid=1704535362&ga_hid=306484568&ga_fc=true&dlt=1704535358836&idt=1183&prev_scp=test%3Dlazyload&adks=1634881488&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3298dce752fb616bb52b8414cd17b553e485c5ffa6864aadada282f1b71511bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 300
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 648 B
328 B 2003ms
2003ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2846208819070947&correlator=4195303635973511&eid=31077976%2C31080124%2C95320408&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CSLB3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=7&didk=3484108123&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704535361734&lmt=1704535361&adxs=250&adys=4464&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=16618184.1704535360&ga_sid=1704535362&ga_hid=306484568&ga_fc=true&dlt=1704535358836&idt=1183&prev_scp=test%3Dlazyload&adks=2813365345&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee01d4ddd228dc70bb9971c3e8789373fd41464cc4129450e88c3e2790b0546d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 24efd11c-063c-46de-9749-1636434fcb6c Show response
tags.premiumads.com.br/dfp/ 70 KB
24 KB 51ms
14ms Script
text/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2d6a8ad45eda12bcd8172fa4afcc406e7aef22de7f74ca01f0c6a70fabd8fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 335698
x-powered-by: ASP.NET
request-context: appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj: minify
last-modified: Tue, 02 Jan 2024 12:47:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq2erOoTxuv4oW1A8VxbW%2BWxrZ587fMj0hot6pC7sML7Lw7f81IQqyn3Zn1KyVn7TGGDGpF8b%2BBmBdQcN28UuJ1U1eoeVMMVtKoQY5gJ%2BjZmzBIBepAc9sq4eNMOpeVPYeDK3RhVbURIiDAHVpn719Ucvww%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 8413207b2ec13819-FRA

GET
H3 200 QapS58_46_U Show response
www.youtube.com/embed/ Frame 878F 93 KB
39 KB 75ms
74ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96ed1c4aeb972781afffa579ba11531a5dbf0c8879c2a66b1212d245f9dd0f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 878F 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704535361751
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtuOWYzZnhsYjdqYyi_yuSsBjIKCgJERRIEEgAgZw%3D%3D
X-YouTube-Ad-Signals: dt=1704535359683&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKq9LiseQKkzvV1fbL0N0bGqx-9GSgicpJxLZkBo6JI_ge8MyURqaDeHAy86_jnGq-HVDcR6yTR4z7tLXDodkvSQGTUkQQ

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
519 B 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C4D 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFnp8cLTNpisw08bUB7tbMV9vfc419F5oSf8V8PBvKmlp8kiivr493Zu_X57p-rI4WeOX97eqtaqjBqvmoEPc3Iw36-akyw2fZoH6WP3FHtVjWecL291ZjViDFUpwfCUOyej8fC_KzLdSJylCk_rvrgzoIamjAijuZaXENUgsLnUllXRxZCnM_EG5EuhdAXBnwrjmwoPZkIaJbLv6IBJkxQXx5XU-6d46UG9c-kwK1y3kJYeUjZ7OueIx7S1LeTj6Gf8rO8fXIoXwOCqTj4A6lb0HjnWYkINutsebew7ubZBv49QtSiV4d6tUWMemBJtyeTuzZ2iR5MPRA8yWu9qc_H0OKEkNFZ4jBs9SXSNUBl0tLog8MqaM&sai=AMfl-YRiI7a3jR2jaAjKQt55cjpbi_UvzEt16w1H5SDgtfEm7kz4KmulO2zl3H-9z_OdGxaf5nKN-q9FWyqloN-Hajy8UO00dv2St9w1sxVc-Zdgt0V48DbK7KwT5frIcQ&sig=Cg0ArKJSzP-MkNcCzJk2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 508cfab9631f5b501a9991a62d93b669.js Show response
scripts.cleverwebserver.com/ 133 KB
48 KB 54ms
19ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/508cfab9631f5b501a9991a62d93b669.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b4f3c1adc28a7630fdffd0fc14f9549a88989802f39105316de71aff81b2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
x-amz-version-id: raIvHZ71nRsrgRsAdYsxjn9PQplprICh
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 14:40:32 GMT
server: cloudflare
x-amz-request-id: 557BWS3WVGY0B1PN
age: 657
etag: W/"c1e2e8b2ade09583a4f45ea85c6ad165"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 8413207b5d1bbb83-FRA
x-amz-id-2: CZKM3qZg6dWiqSIaGzG7pTkoBp4+MqgyTxp8vVKd6Qoq1EzdiwG4k9uBzpSxB+Z3l2Rn2AHgS6Q=
expires: Sat, 06 Jan 2024 10:32:41 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C4D 204 KB
65 KB 54ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ 216 KB
67 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68492
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 08:38:08 GMT

GET
H3 200 OsCp2pYT2_A Show response
www.youtube.com/embed/ Frame 1C04 92 KB
39 KB 61ms
61ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32a74a727a955051d7fde36d6c74917be39d040a5badf854ba9697fdcffcab51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1C04 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704535361803
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKV0RuYmw1c21ETSi_yuSsBjIKCgJERRIEEgAgJQ%3D%3D
X-YouTube-Ad-Signals: dt=1704535359763&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKr2KwX5x2qcOtG5zwuBavpBnL9hQS7jygBOHhO8xetggqQTnS2vulMW4IzRqsIoKCPhzDD6M9vpJxwR-n3dO3_p2zC9hA

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H3 200 2pR204OZkqw Show response
www.youtube.com/embed/ Frame 4D6A 92 KB
39 KB 71ms
70ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc2e951c1449fad28c637cef5c91e60eff22787a072d640d346e4d895cf95cb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4D6A 28 B
54 B 24ms
22ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704535361807
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtvTWtpTHY5cGlvUSi_yuSsBjIKCgJERRIEEgAgLg%3D%3D
X-YouTube-Ad-Signals: dt=1704535359744&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKp9qUyGFjdrER5IDUisCxj5Fb_QGUt2xM8eLEQl5WYAGVjwnG8LEU_fRsvDw9rOCM4DRjjvPhNLrB-Pu6AizZJGqAAXCA

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 98ms
26ms Script
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:36:04 GMT
content-encoding: gzip
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, PRG50-C1
age: 1598
etag: W/"d6937d02acbbf691a008906e9d0617e0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: I4XH6xTdFc4UVGYxxNb2zP7lHAk-EPm7mRuzUSnXbIi_4pmOC25ZoA==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
28 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae06ac305b7c30a4cd180b0442bd40b2fba46aee15c5b6332ddf2c1df5a24398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29046
x-xss-protection: 0
server: cafe
etag: 430 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 394 KB
119 KB 25ms
25ms Script
text/javascript 2606:4700:20::ac43:4a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 369559
x-powered-by: ASP.NET
request-context: appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
last-modified: Thu, 30 Nov 2023 13:32:58 GMT
server: cloudflare
etag: W/"1da2391bb43c69d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1siS%2Bp5MiXBcK2fSOdBHtASuQBQ0U4%2Bmwc2iBCKu%2Fv9JpceVYSuH6wjupjXY%2BBkoyjrpYMYGCVNqeHoZ%2FLxRa3zqaoUD14vnrXBS5XzJbdJHJfGjCvrYgNiATlNWbPjEItakkf8laD%2BFWPcKLwywf1Pj06g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 8413207b5ef53819-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y13KJ1H5Q

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52433f5ec5a647f3b23fd6166154a25011d0004e88bcef73c4b82bb22f8deb21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y13KJ1H5Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cf554f1498ee9e7a5c703dac7b8ed5bbc38701e6831e4c6c14ec7b0024c0bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 10:02:41 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 21ms
21ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/e8n0t8ubqm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
last-modified: Wed, 03 Jan 2024 15:51:12 GMT
etag: W/"0x8DC0C73CFCC02AC"
vary: Accept-Encoding
x-azure-ref: 20240106T100241Z-4qfur6nbbh2xt0vv003tsremf800000001e000000000cg2h
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 34d28921-201e-0023-126e-3fb418000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame 878F 0
0

POST log
play.google.com/ Frame 878F 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 878F 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 878F 358 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 878F 52 KB
16 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 878F 322 KB
96 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 878F 2 MB
770 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 878F 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 124545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 878F 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 395110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6Y13KJ1H5Q&gtm=45je4130v9119074088&_p=1704535359438&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=16618184.1704535360&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704535361&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5415
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y13KJ1H5Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 159 B
382 B 33ms
24ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8e021a7ccde8cf82e82b98d524c7288c59923fade810ad612d3cc1101ceeb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 8413207bed93bb83-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame 1C04 0
0

POST log
play.google.com/ Frame 1C04 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 1C04 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 1C04 358 KB
46 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1C04 52 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 1C04 322 KB
96 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1C04 2 MB
770 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
DATA 200
OK truncated
/ Frame 2C4D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06bc30ec61e2b2509b4eaae78e7aae5fcb2aa922645427a7cd5342bc4508327a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C4D 0
0 57ms
43ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5UmUQzjzDF2xgGpuXFXmRQ7TwTLmVMnc6M2STBwmxSsvXH3H5zMB0KGbqB6WB1C6ghiV-JP9zzeBwdR9SIxD1c1xv6Si7VeCrof9gM9Ru62XD7PtXcGtV-6c1oHh3fTIYYR7frjlSrJ_8PBmT9xi7G_IX2_I2HicNr6iNAsfmOQv8e74rAPZD-BXIfIihSilT1DGUqftRNJDcCr2kN5JVO4thxwWMUgQHibw3FdB72AYXz-5rHoaqOr_xTBmGA7d4l4r66OUzzHQg8KxLZhMLD_VT-rxOcDPRsX51y_Os_f7HU5CQOTkr--Y6HpWeiNqf1FLCRZsbiWYq2Ylg09DoGg9VvSFOy005zFQ&sai=AMfl-YRH2C0DfuT5J-Q4nykHSvrIZMOlzD5hTBOdMeaOTMWX5qZVPNsCHi4_RtalqKp0N6zua2lBpbpcoe37AZ2o9vxhhsOWQnUl7RXExx45lweOLr7SCaAAkTxxqGG3yg&sig=Cg0ArKJSzBIhkgKDmGPREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:41 GMT

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame 4D6A 0
0

POST log
play.google.com/ Frame 4D6A 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 4D6A 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 4D6A 358 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 4D6A 52 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 4D6A 322 KB
96 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 4D6A 2 MB
770 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C04 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 124546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C04 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 395111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 / Show response
id.navegg.com/uid/ 16 B
303 B 574ms
539ms XHR
application/json 2606:4700:10::6814:e180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.navegg.com/uid/

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:e180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
vary: Accept
allow: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 8413207d5c1a3a9c-FRA
access-control-allow-headers: *
content-length: 16
access-control-allow-method: GET

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4D6A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 124546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4D6A 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 395111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 878F 113 B
159 B 16ms
15ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8ddc9b65b0d9832fa743c27a589bc7f5dc0544ad1227397ba5211dc088f091d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 878F 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:54:13 GMT
x-content-type-options: nosniff
age: 509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 10:09:13 GMT

GET
H2

200

widescreen.html Show response
lp.cleverwebserver.com/betano/de/sports/sports_de/ Frame 2883
Redirect Chain

https://sender.cleverwebserver.com/group/49109?id=798620&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&r=362332089&tok=33419711310201791433&t=1704535361&cmpId=&fb=0&wl=1&...
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNT...

2 KB
890 B

106ms
87ms

Document
text/html

2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951a648e9dceecbd26a6761c1a6d4974312dcd347626a2ba86ea3acf2b2a4790

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=28800
cf-cache-status: MISS
cf-ray: 8413207dff1dbb83-FRA
content-encoding: br
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
expires: Sat, 06 Jan 2024 18:02:42 GMT
last-modified: Fri, 05 Jan 2024 16:16:02 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: MIS1yrcFT5+fAdWlLz/ysl/oL/hDlM3/uNztumpbMv5UL31/cNv2qDR7YIYQ4bLpspNNSSPWI/w=
x-amz-request-id: GQKSDX3DVC422Y5Y

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8413207daee8bb83-FRA
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
location: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089
server: cloudflare

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
841 B 98ms
37ms Script
application/javascript 65.9.95.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-3.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: b9fd0e8576ea84ddc87bdb42eaeba3b53e1fc468bc6e3be6eaf07561846010db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:53:46 GMT
via: 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
age: 536
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: eFzqMDDIZrzUrIHN_OnAooJ8zdZ_yGRvFV6QIaoPWOe3dXiIwTYmyg==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 78ms
36ms XHR
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 10:02:42 GMT
x-amz-cf-pop: PRG50-C1
age: 11618
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Ep-R-LTNC15FraH4zvo65x20ajlXvIt02Ei8N59chKKxdFVkSYKDxQ==

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
315 B 288ms
95ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 10:02:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 878F 87 KB
40 KB 25ms
25ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c43156da1e25f4488d1dc2ea27d1b39cdb43ba8a2042176fb4795369b2e010a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40768
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 878F 116 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 878F 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:15:54 GMT

GET
H3 200 sddefault.jpg
i.ytimg.com/vi/QapS58_46_U/ Frame 878F 53 KB
53 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/QapS58_46_U/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e193e694bd5cb3b61e7c7a0a51f37e2422326b5363ee1081cd4904893f7ceee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-content-type-options: nosniff
age: 2
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53934
x-xss-protection: 0
server: sffe
etag: "1704401534"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:07:40 GMT

GET
DATA 200
OK truncated
/ Frame 878F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 878F 3 KB
3 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f602f9a56289339e05c21b93cca562e0314d1eb293a8304ae5ce18803470992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:18:26 GMT
x-content-type-options: nosniff
age: 9856
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 07:18:26 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 45ms
26ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=49109&c=DE&r=HE&l=253&b=Chrome&os=Win10&mob=0&v=1.60.17&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413207e3f44bb83-FRA
content-length: 43
content-type: image/gif

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 1C04 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fde56c6c9596482bc9267cc3cabc1ce6f637825cc794ca30222ace00fd279bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1C04 29 B
54 B 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:54:13 GMT
x-content-type-options: nosniff
age: 509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 10:09:13 GMT

GET
H2 200 p-06ec9229.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 1 KB
1 KB 531ms
531ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-06ec9229.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f503828aae308bbda421228d89fff3f9f7f4580f27faaf02c774ce73f9e066f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-06ec9229.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 2113
etag: W/"1110-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: REVALIDATED
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

GET
H2 200 p-ddd39b27.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 20 KB
7 KB 531ms
531ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-ddd39b27.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

76308542c656df00ba56ff7626a63a3161e8c42877ad873fa50844d25f77db50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-ddd39b27.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 854
etag: W/"20496-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: REVALIDATED
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 10:02:42 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1C04 87 KB
40 KB 22ms
22ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2726a1ad9f097224b96b3b33cd673d3b714a0fa0daf71959b47b588cba1b1983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40758
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1C04 116 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 1C04 50 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:15:54 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/OsCp2pYT2_A/ Frame 1C04 19 KB
19 KB 8ms
8ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/OsCp2pYT2_A/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cf50d044cad2c23d11f7fa39888aedfccfa55f337df706b54b2cca7cb736e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:40 GMT
x-content-type-options: nosniff
age: 2
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19206
x-xss-protection: 0
server: sffe
etag: "1704316711"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:07:40 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 878F 90 B
134 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d528b8fe3050031ad22112d3ce7eec33b2cbe44a7ccece08c6c511741c652f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 4D6A 113 B
159 B 15ms
15ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

008e088ef45844c459202790b51cbade30cb2b6f0d0dfabefa3055a1ffc48866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4D6A 29 B
54 B 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:54:13 GMT
x-content-type-options: nosniff
age: 509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 10:09:13 GMT

GET
DATA 200
OK truncated
/ Frame 1C04 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1C04 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 12475
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

GET
H2 200 bg-1490x300.webp
lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/ Frame 2883 40 KB
40 KB 19ms
18ms Image
binary/octet-stream 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/bg-1490x300.webp?v=33
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 15:38:45 GMT
server: cloudflare
x-amz-request-id: 5WDRK5PX9R1HHDHH
age: 6789
etag: "36d580ed1582db1c3722787924fc00d3"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 8413207effd5bb83-FRA
content-length: 41072
x-amz-id-2: cMCNFGZ0HfUPSsmvt7suAlqh+8dLRIu2roEbG9V0R28nImKkIAabqC0ak3/QEdBmQebaduMoqXo=
expires: Sat, 06 Jan 2024 18:02:42 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2883 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8413207effd7bb83-FRA
expires: Mon, 08 Jan 2024 10:02:42 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4D6A 87 KB
40 KB 26ms
26ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2745f79803d24b0ab66a1d0c1c7910aea0b76e5a4adac851545c335bb80db1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40638
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 4D6A 116 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 265063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 4D6A 50 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 17:15:54 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/2pR204OZkqw/ Frame 4D6A 17 KB
17 KB 8ms
8ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/2pR204OZkqw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fa506cbf6bc4d331c1041a54489d78e9c9e3e79b17364444e86ac3455760775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 6400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16990
x-xss-protection: 0
server: sffe
etag: "1703873332"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:16:02 GMT

GET
DATA 200
OK truncated
/ Frame 4D6A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4D6A 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 12475
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1C04 90 B
134 B 27ms
26ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25886c58f1dc8342e3dbf80b0dc3bb86f6b61555897744725216eeec1a943bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 878F 4 KB
2 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 10:02:42 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4D6A 90 B
134 B 18ms
17ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

821bfc399058e99db9234bdce657ebc374744408325a35c730cda1af4b247145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 clever-core-other.js Show response
lp.cleverwebserver.com/ Frame 2883 1 KB
845 B 18ms
18ms Script
text/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=362332089
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7VRZYXWQK13NXNP1
age: 6472
cf-polished: origSize=1799
x-amz-id-2: BIJwvXBjlo5WX47NP/4Hbb7sS4A9mfBHPFCCv71kZuv0jgYsS3+c3nHzbEt8kd6DuRFgBkgeRpU=
cf-bgj: minify
last-modified: Mon, 18 Dec 2023 15:38:56 GMT
server: cloudflare
etag: W/"e5be82211892c5a612ab8274562f1ef2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=28800
cf-ray: 8413207fd877bb83-FRA
expires: Sat, 06 Jan 2024 18:02:42 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 878F 0
12 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?WAA4pA
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1C04 4 KB
2 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 10:02:42 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 1C04 0
12 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Pa-Irg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 878F 50 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4D6A 4 KB
2 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 10:02:42 GMT

GET
H2

200

index.html Show response
promos.betano.de/willkommenspaket/ Frame 2FED
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE
https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE&AutoR=1
https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

12 KB
4 KB

87ms
53ms

Document
text/html

2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

232e57e26cf3fa651f180a44990cac9186e4858c0c6e626a0a1eab5a32a7955d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 125837
cache-control: public, max-age=900, immutable
cf-cache-status: DYNAMIC
cf-ray: 84132083ec354d86-FRA
content-encoding: gzip
content-md5: uFN4f36vMGzzhOrcv8TbsA==
content-type: text/html; charset=utf-8
date: Sat, 06 Jan 2024 10:02:43 GMT
last-modified: Wed, 22 Nov 2023 09:55:40 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 30438b3d-e01e-0054-5870-235d55000000
x-ms-version: 2014-02-14

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 841320834c9099a5-CDG
content-type: text/html; charset=utf-8
date: Sat, 06 Jan 2024 10:02:43 GMT
location: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doh1AdXGk4opQjrcdWcwU%2Fq%2FedA9p%2FQ8Uzk%2FcORq9GlwF1U%2FRLpbazsKvSFHUa87vYhdA5cpJTqg1LoNF09qmMwGzFsjP4%2B0ErNACf8PVN3LN74goUZ%2FvdEgum5bgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
www.youtube.com/ Frame 4D6A 0
12 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?S2D53Q
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 1C04 50 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 4D6A 50 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EDB 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRkh-AGSxbUcUCHO8w7r_vB4F_K_u-br1dmOcKs-3D73Ql0HBnmhm8OkMQUy-0hPr455wgogvH_qaOKIOG2TMAToBeHrTvpYixxaefFQhW7agyPl1wY4sGAVFv2H7y2KZZZLWxAeZoSKOk0g982c--_BCIH0FXFWKebEi8BiwhUOr4xW7k37WyN52UPI6Fs-lOHP2rph_cXkjwiAYQZnaZlvRxvWskIN6bwnHf1oxEoFtndAzpsvKoa6XR7QU--TwtSWEhtswe687R6wAhR3_4zgzW15hAd5YGvHkhXyrjqlPVq9hqppD5-MJb3H2ClsMOAFibYYtZErBD0Iuut7evvk3bhRPpG9bYi-0GvH2unaqtGrbr2ynR-cDVAA&sai=AMfl-YQlpZMj1S1wiHU__aMP0g_MjxM68a1vO3SmWrEFw_OY_vFN_mFpgAgAzoVmdy38kIqJEPkoGU9ejiKbPNubMlJhhIXIQKCP5rayEf48PJEr5GDts1qbEhpbQt0YJQ&sig=Cg0ArKJSzHuvjtsyHALXEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 9EDB 3 KB
2 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 15:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 15:03:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EDB 204 KB
64 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 10:02:43 GMT

GET
H2 200 3442483532606909665
tpc.googlesyndication.com/simgad/ Frame 9EDB 256 KB
257 KB 29ms
10ms Image
image/gif 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3442483532606909665

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d461b8b1f577c1f462b16c4bf43cd457bddb68fa6bfe91c982851d4d88c350ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 22:21:12 GMT
date: Fri, 05 Jan 2024 22:21:12 GMT
x-content-type-options: nosniff
age: 42090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 262536
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 23:20:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9EDB 0
0 14ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0SK6gmgcH3ZVOJrohPaKK5yDFy_BzaF_TTX9Vq8nj_pZqWYANsgPC9j2hDenircT9t4HJvONlPwpUr9azQ4zLoy4nPQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 9EDB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e7de0df49c41b2bd42ee609991f15ed0eaa67f914725d6a0e05cc2b9f779c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C4D 42 B
404 B 62ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKcAwzQM41p7p00sSKVceeshSlAPxbLnOnVLZR6Xxlx45t1ZJnVUb4LXkSbjzSw3MGgyvPM5XtClhh1KN1aCzjDVKmjFsGukqyfDYIQ79p8hDNuQd6LPf1M6lZkX1bCBd5kAs-fVe2uWBPoCpaF9m1PQ&sig=Cg0ArKJSzNr8Akb-czxrEAE&id=lidar2&mcvt=1000&p=292,250,402,1350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3090499511&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704535361771&rpt=178&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EDB 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufkYfUVpjSPewFSrPjWLjjjuvPrHOJ2so7fzZZcR4AdQVJym7SMunRke4EgQi7iL1NJHfnXT8kNWLobgCEXsFS87CxJjk0nQz30_Jzb96avG8y52MtBy_rwACBTjRutq1nVO-GzrdV8AcIDFnptxX41lltstT337KXxpJ1E5Hy2B04XJZVNM2c2kLAL6TkctL8tZ5uc811vf3EomsG66Htr-fyHuHGHOjqre1HDj-OpZTQUNEmjTlBFsRXcSH9OlOY_Z1mVzqv2-Bkiq4gIRsgF11VmT6MarWVt28xgIO7DKiDic6YSbPAd5SlPUPi4s6P3h5i_-n9P-HiSe_T5nPHBg6yISu_KaMPEbkIZRSJXtOQE2lGTnLoDec-Qvk7&sai=AMfl-YQ3FLcMSy3Lqle29rhgm5dT-2N8sAemjkWMCQ6BNT2lT1Spdvp1KlcsfGGlYJlpeeYNZlKxdAf8vrcCO8ywdgLcF7QyRTykzBBeKtItFx3C9yxzXLo6_vdPf1nuDA&sig=Cg0ArKJSzO8jImrTiCgYEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:43 GMT

GET
H2 200 r4JQVZETZTeQtnzawJh5s2Wbw6I.js Show response
promos.betano.de/cdn-cgi/apps/head/ Frame 2FED 4 KB
2 KB 21ms
19ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-version-id: 3sraLaHyO3PY1q7UPyU188EJJRO793MA
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 7ZDJP86Y16F6PAHA
age: 344
content-length: 1344
x-amz-id-2: kXMMGE8uh2bElZ/7ffDMeIjZ01tdzXRXFW2Q7G7nprKE3q9noXfVN26vtFkcQTAv8W2db4Pj9Kk=
last-modified: Thu, 21 Dec 2023 12:52:13 GMT
server: cloudflare
etag: "30cf280ac36d10da9b831b91729cc23c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 841320844c7c4d86-FRA
expires: Sun, 05 Jan 2025 10:02:43 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 2FED 86 KB
30 KB 8ms
6ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9733163
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-eddf8230139-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704535363.242220,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 454, 985067

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 2FED 42 KB
11 KB 15ms
14ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5082582
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230036-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2lRKQpsv6nvbdgVqsrXUr0hvpEqbmrznHq7jQoQT7AO8qf9gv9Wg6f409IpfABNbEqvAMW9OYKvGpIZpqJK3%2BEvVqwS5mWK6SBByhQLHD8cJ%2Bn9VfcxEH6IeFtSvLvC77h%2Fj6ZEBuX4XjEcuKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 841320844885363c-FRA

GET
H2 200 Init.js Show response
promos.betano.de/willkommenspaket/ Frame 2FED 2 KB
877 B 34ms
33ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Init.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 5
content-md5: MU2fLrkr53Ix09vSPFEwZA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FE1A984"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 988ada8a-801e-000f-092f-1d646e000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 841320844c7e4d86-FRA
expires: Sat, 06 Jan 2024 10:17:43 GMT

GET
H2 200 Landing.js Show response
promos.betano.de/willkommenspaket/ Frame 2FED 614 B
442 B 32ms
31ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Landing.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 5
content-md5: IVOxqm2c5AfGSPYura3A9A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FED1990"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a9a48359-a01e-0037-26b4-21c0ae000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 841320844c7f4d86-FRA
expires: Sat, 06 Jan 2024 10:17:43 GMT

GET
H2 200 custom.js Show response
promos.betano.de/ Frame 2FED 8 KB
3 KB 35ms
34ms Script
application/javascript 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/custom.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 80
content-md5: IACfhqsuxFK5etAGqh7MRA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 20 Oct 2023 08:33:32 GMT
server: cloudflare
etag: W/"0x8DBD1473EA630C7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2cea0825-101e-0032-6d75-131275000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 841320844c804d86-FRA
expires: Sat, 06 Jan 2024 10:07:43 GMT

GET
H2 200 tagline.png
promos.betano.de/willkommenspaket/ Frame 2FED 219 KB
220 KB 39ms
38ms Image
image/png 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/tagline.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2k9YU1t/lIEgNgYbwdE88A==
age: 5
content-length: 224661
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: "0x8DBEB412FFF665B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ceddd487-201e-0029-5827-242c76000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320844c814d86-FRA
expires: Sat, 06 Jan 2024 10:17:43 GMT

GET
H2 404 Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 2FED 215 B
215 B 36ms
36ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/Rectangle.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b386c1dcf70187f79d9a110f727a4d0e032d97c3857b77554d165100a18cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 172
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 03efa971-b01e-002b-3587-4092ce000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 841320844c834d86-FRA
expires: Sat, 06 Jan 2024 10:07:43 GMT

GET
H2 404 bullet.svg
promos.betano.de/willkommenspaket/ Frame 2FED 215 B
215 B 31ms
30ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/bullet.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6c4435eabd0c88ed7622215dceffe1cae1feedc6f4be9c69e1959a342ed159c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 133
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 717c4de4-901e-0071-0c87-40f429000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 841320848cb84d86-FRA
expires: Sat, 06 Jan 2024 10:07:43 GMT

GET
H2 404 banner1.png
promos.betano.de/willkommenspaket/ Frame 2FED 215 B
215 B 36ms
35ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner1.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a2790437cfcc940ab2219ec21668360b7dd1a2349a43329a7f5630a3751cdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 133
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 21e2ff64-801e-0020-6587-4069a5000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 841320848cb94d86-FRA
expires: Sat, 06 Jan 2024 10:07:43 GMT

GET
H2 404 banner2.png
promos.betano.de/willkommenspaket/ Frame 2FED 215 B
215 B 35ms
34ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner2.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09e83d24beac29930817f2b29c07b0e93e67f0f9ed156c26158e14ec376487d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 133
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: b4f12eef-401e-002f-3487-401fc9000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 841320848cba4d86-FRA
expires: Sat, 06 Jan 2024 10:07:43 GMT

GET
H2 404 banner3.png
promos.betano.de/willkommenspaket/ Frame 2FED 215 B
215 B 33ms
33ms Image
application/xml 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner3.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdb5d2ba192caa376934b452931cabcc68dccd29acc7edd19990cbe1ff018ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 133
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 8bcf703f-001e-003e-2387-40857d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 841320848cbb4d86-FRA
expires: Sat, 06 Jan 2024 10:07:43 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
315 B 94ms
94ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 10:02:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2FED 397 KB
115 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a9312afd85bf05db20e843f1bd4bc8a21c10246d13b02973ae5748abb9e65fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118108
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 10:02:43 GMT

GET
H2 200 tags.js Show response
dd.betano.de/ Frame 2FED 147 KB
27 KB 109ms
24ms Script
text/javascript 65.9.95.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.betano.de/tags.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-18.prg50.r.cloudfront.net

Software

Apache /

Resource Hash

c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 09:19:09 GMT
x-amz-cf-pop: PRG50-C1
age: 3199
x-cache: Hit from cloudfront
content-length: 27331
last-modified: Wed, 29 Nov 2023 13:37:06 GMT
server: Apache
etag: "24cd6-60b4aa18fa3ca-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: ZWK30dUHhZXH_NurA_13nJe1oruc4uiiZHFq_3p57lQahwXEO8j2PQ==
expires: Sat, 06 Jan 2024 10:09:24 GMT

GET
H3 200 ns.html Show response
www.googletagmanager.com/ Frame 3504 692 B
344 B 17ms
16ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/custom.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf1980085377beac89f8a89b943bab7c024dae739a3c2c1f7e8238f4a23d4c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 322
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2

200

main.js Show response
promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 821F
Redirect Chain

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

20ms
19ms

Script
application/javascript

2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4a07b91490d7ec326d987e1c5541ef4a936f78031cbf09e9db7a68d11826226

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84132084acd94d86-FRA

Redirect headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 841320848cc44d86-FRA

GET
H2 200 css-betano.css
landingpages.kaizengaming.com/layout/ Frame 2FED 266 B
477 B 55ms
23ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: VV0mNMQdoST1edPAjk1m6w==
age: 1694
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1339F5D"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: bde81f05-701e-0024-4815-24e4a2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 84132084bb4f4d25-FRA

GET
H2 200 css-theme.css
landingpages.kaizengaming.com/de-sport/ Frame 2FED 799 B
992 B 52ms
21ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/css-theme.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kJMidRkqsO72r6TQLkoSKQ==
age: 1597
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: W/"0x8DC0D357C9A7985"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f92bf1fe-701e-0034-7b1f-3f21ca000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 84132084bb4e4d25-FRA

GET
H2 200 css-betano_worldcup.css
landingpages.kaizengaming.com/layout/ Frame 2FED 3 KB
1 KB 59ms
28ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_worldcup.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: k3d6Yiaa8bmwIFFDC1yKKQ==
age: 1694
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1452901"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3f0a9451-401e-0000-3985-221202000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 84132084bb4d4d25-FRA

GET
H2 200 css-iframe.css
landingpages.kaizengaming.com/layout/ Frame 2FED 2 KB
900 B 53ms
22ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-iframe.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 39E7RXrp/bQVuYTQHPOHVg==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D385763B"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 29c75b42-801e-000f-78e1-11646e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 84132084bb494d25-FRA

GET
H2 200 Theme.css
promos.betano.de/willkommenspaket/ Frame 2FED 4 KB
1 KB 31ms
31ms Stylesheet
text/css 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Theme.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 567
content-md5: iEQB/4Da+za49y9++eEi0A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FC9DF39"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 60be76b6-401e-005d-0467-221886000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 841320848cc94d86-FRA
expires: Sat, 06 Jan 2024 10:17:43 GMT

GET
H2 200 common.js Show response
landingpages.kaizengaming.com/layout/ Frame 2FED 7 KB
2 KB 60ms
32ms Script
application/javascript 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/common.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Tt1r+v6iV6U4snwCJhK1bQ==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D12AEE0B"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 10822b42-101e-006f-70ba-2118f1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 84132084bb504d25-FRA

GET
H3

200

/
www.google.de/pagead/1p-conversion/763238947/ Frame 3504
Redirect Chain

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=QyWZZbLAE-yOiM0P9cu_8Ak&rando...
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=864508237&sscte=1&crd=&pscrd=IhMI8u3ZhsHIgwMVbAeiA...
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=864508237&sscte=1&crd=&pscrd=IhMI8u3ZhsHIgwMVbAeiAx...

42 B
64 B

22ms
22ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=864508237&sscte=1&crd=&pscrd=IhMI8u3ZhsHIgwMVbAeiAx315Q-e&is_vtc=1&ocp_id=QyWZZbLAE-yOiM0P9cu_8Ak&cid=CAQSKQAvHhf_f7MkYo22I2hNG_e50rwb3NvJi_dYWsU9CBpYK5e59KXLABHU&random=506747009&ipr=y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=864508237&sscte=1&crd=&pscrd=IhMI8u3ZhsHIgwMVbAeiAx315Q-e&is_vtc=1&ocp_id=QyWZZbLAE-yOiM0P9cu_8Ak&cid=CAQSKQAvHhf_f7MkYo22I2hNG_e50rwb3NvJi_dYWsU9CBpYK5e59KXLABHU&random=506747009&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

activityi;dc_pre=CMjD3IbByIMDFebLOwIdJXgPGg;src=12738953;type=despo0;cat=despo0;ord=1708427651;~oref=https%3A%2F%2Fpromos.betano.de%2F
12738953.fls.doubleclick.net/ Frame 6740
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1708427651;~oref=https%3A%2F%2Fpromos.betano.de%2F?
https://12738953.fls.doubleclick.net/activityi;dc_pre=CMjD3IbByIMDFebLOwIdJXgPGg;src=12738953;type=despo0;cat=despo0;ord=1708427651;~oref=https%3A%2F%2Fpromos.betano.de%2F?

0
0

POST
H2 200 84132083ec354d86 Show response
promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 821F 0
252 B 38ms
38ms XHR
text/plain 2606:4700:4400::6812:24ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/84132083ec354d86

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
cf-ray: 841320853d354d86-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 slick.css
landingpages.kaizengaming.com/layout/ Frame 2FED 2 KB
850 B 22ms
20ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: WZ31BB/YyxPVIgu7I3iKsw==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D32ED756"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 4278cefd-901e-0013-0d07-24360e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854ba64d25-FRA

GET
H2 200 slick-theme.css
landingpages.kaizengaming.com/layout/ Frame 2FED 3 KB
1000 B 34ms
33ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick-theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: UpLamLxcSvAJaktpLARRvQ==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D316E60C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c3239d37-701e-0056-12b2-21e3ed000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854ba74d25-FRA

GET
H2 200 css-fonts.css
landingpages.kaizengaming.com/layout/ Frame 2FED 4 KB
502 B 34ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-fonts.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: pvSNyxtpXpV4jwDcVBs+8g==
age: 1763
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1600014"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e7dc3228-501e-0023-624e-1488c1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854ba84d25-FRA

GET
H2 200 css-common.css
landingpages.kaizengaming.com/layout/ Frame 2FED 944 B
596 B 30ms
29ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-common.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 5eGR2sXfZgOapde0CV8YSg==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D14E9D7C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f62bc62d-d01e-005f-1650-23a63e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854ba94d25-FRA

GET
H2 200 css-landing.css
landingpages.kaizengaming.com/layout/ Frame 2FED 8 KB
2 KB 23ms
22ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-landing.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: JDqCfcVQtN58am64kAmqvg==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D168B161"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 400d0109-301e-000a-02ae-21b6b5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854bab4d25-FRA

GET
H2 200 css-desktop.css
landingpages.kaizengaming.com/layout/ Frame 2FED 5 KB
1 KB 35ms
34ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-desktop.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: AOVpmo2f/4Wn1SoTquvjVA==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1574ECA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9f09804d-501e-001c-39f5-234062000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854bac4d25-FRA

GET
H2 200 css-tablet.css
landingpages.kaizengaming.com/layout/ Frame 2FED 4 KB
1 KB 32ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-tablet.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Mr2IdhRK+4IeBy7KcyoBtQ==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D18E0E3F"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 81167245-301e-0035-4d07-247e16000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854bad4d25-FRA

GET
H2 200 css-mobile.css
landingpages.kaizengaming.com/layout/ Frame 2FED 3 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-mobile.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: y0J3Tr1dgXYbzTPMrvAM5Q==
age: 131
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D171FED7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 25a7325f-b01e-0066-64d8-155d22000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854bae4d25-FRA

GET
H2 200 css-betano_theme.css
landingpages.kaizengaming.com/layout/ Frame 2FED 8 KB
1 KB 24ms
24ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: D6htD+uya4gpW6XLW/HaDw==
age: 1763
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D13C50A6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 0b58af51-f01e-0048-55df-150f35000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320854baf4d25-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2FED 274 KB
91 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af1232b17e276a55e8f4efda3d6864e140577984130e0d805b5aaff21316dfb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 10:02:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2FED 265 KB
86 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SJLCV23YJW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba350076982da903525929c44d964c6f10c0beb24e9e5cbe32b4b338c3b9847e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 10:02:43 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 2FED 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1704535363426&cv=11&fst=1704535363426&bg=ffffff&guid=ON&async=1&gtm=45He4130v79977643&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&top=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&hn=www.googleadservices.com&frm=2&tiba=BETANO%20MODE&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

848af624fb49d62c7f41b4c61478b6d671a1422b363000ecddf1d26d6d830c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1366
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2FED 52 KB
21 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 09:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 866
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 06 Jan 2024 11:48:17 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 2FED 41 KB
18 KB 109ms
51ms Script
application/javascript 65.9.97.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-97-248.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: F1dK9GRaVy7talPz0USKL92vkCprrROqTVsg0AruUdG0MbE1EpmMKQ==

GET
H3

200

activityi;dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u... Show response
12738953.fls.doubleclick.net/ Frame 06D2
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
https://12738953.fls.doubleclick.net/activityi;dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...

605 B
391 B

48ms
48ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

17456f903fb619edc5dad6e65a5377a1d3ca032adf9629412288ef5af249cfa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:43 GMT
expires: Sat, 06 Jan 2024 10:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12738953.fls.doubleclick.net/activityi;dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua... Show response
12738953.fls.doubleclick.net/ Frame 0E16
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;...

604 B
389 B

48ms
48ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

ff635879b1ef1bc44bf6dc1d05a7f1af338b8b1ab3287500489186fd1b54a0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:43 GMT
expires: Sat, 06 Jan 2024 10:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 2FED 81 KB
31 KB 125ms
27ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000001bb82daec29e1fab-00646c8ee1-3295a825-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2FED 202 KB
53 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 10:02:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: uoD43fTCwc3uUdmvobf9c7Iti76IuWLpWxK73aQMAg0h5EyIch4Ga65rKK+GSojLM0ToipEaX4eJ+5PZf8R0Ng==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 2FED 45 KB
13 KB 58ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 06 Jan 2024 10:02:43 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E2BD1044568649CEA480BE7D7C1049CA Ref B: FRAEDGE1206 Ref C: 2024-01-06T10:02:43Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame 2FED 15 KB
5 KB 129ms
105ms Script
application/javascript 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1704535363442

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 50e91628-dead-444e-be3d-0f1cbbb97dbb
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84132085ad633609-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 iframe Show response
visuals.kaizengaming.com/scripts/ Frame 4374 3 KB
2 KB 80ms
47ms Document
text/html 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d7b688fc580923ed80bf15bd36dee883999b98d1c0f41234526f5bf57b5b336

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
age: 596
cache-control: public, max-age=14400
cf-cache-status: DYNAMIC
cf-ray: 84132085c936912a-FRA
content-encoding: gzip
content-md5: pRIJ2/N21dbBjDWXiJP+cQ==
content-type: text/html
date: Sat, 06 Jan 2024 10:02:43 GMT
expires: Sat, 06 Jan 2024 14:02:43 GMT
last-modified: Wed, 29 Mar 2023 06:31:05 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d451581a-901e-003d-763c-23a3c8000000
x-ms-version: 2011-08-18

GET
H2 200 index.html Show response
landingpages.kaizengaming.com/de-sport/ Frame 2FED 11 KB
4 KB 55ms
41ms XHR
text/html 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15e737b309c3f2f47dd3e3f9b0fcc0dd99c22a608323b7fcd41d4c9fca4bbff

Request headers

Accept: */*
Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
content-md5: vDXYtocVpM49uPnBc9xNFw==
age: 155084
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c4454eec-101e-001d-331e-3f1fbe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 84132085af0e4d97-FRA

GET
BLOB 200
OK 66069456-ff4a-403f-85cd-d52e7a2b709e
https://promos.betano.de/ Frame 2FED 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promos.betano.de/66069456-ff4a-403f-85cd-d52e7a2b709e
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 2FED 2 KB
722 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:51:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Jan 2024 10:51:00 GMT

GET
H3 200 234568464078651 Show response
connect.facebook.net/signals/config/ Frame 2FED 133 KB
35 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.9.139&r=stable&domain=lp.cleverwebserver.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2dde0b31d408bd1b0551394d5cd58426cd483af5df5b3ee34cd5948cda536ae9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 10:02:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35406
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: gu/ZEsR5ZHmX7ZBSt6va9Awb3sXC1gj9LEpZYqiDiFbqHJvWv9EEXXrGnP4pn3VqRO8nbc6TvGWwJzRTTWZd2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 spn_Sporting_CP2_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 19 KB
19 KB 27ms
22ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sporting_CP2_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: mwHkbVJHeMadNj4jxLZolA==
age: 1100
content-length: 19119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357D9ECA52"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 531bca84-d01e-0070-041f-3fabf5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c394d25-FRA

GET
H2 200 spn_Benfica_2021_8_13_15_24_29_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 28 KB
28 KB 28ms
23ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Benfica_2021_8_13_15_24_29_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: oEUX3HqfuPUvYFG+QZJ9tQ==
age: 1100
content-length: 28849
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D29ABCF"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 2fedc717-901e-0003-651f-3ff366000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c3a4d25-FRA

GET
H2 200 spn_FC_Porto_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 24 KB
24 KB 36ms
31ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC_Porto_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: jSdk+PY50XexolMJPt5Q0Q==
age: 1100
content-length: 24710
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D5855F3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 9eede40c-401e-004d-231f-3fddee000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c3c4d25-FRA

GET
H2 200 spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 25 KB
25 KB 48ms
43ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: JhbPFXjZywCGfmkqf6Kweg==
age: 1100
content-length: 25859
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357D8D8ED3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 9f88b712-a01e-0008-241f-3f080d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c3d4d25-FRA

GET
H2 200 spn_Logo_Panathinaikos-01-3%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 19 KB
20 KB 35ms
30ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Logo_Panathinaikos-01-3%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: XMp6ffG72oNhRO1DDx+D8g==
age: 1100
content-length: 19885
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D754F8B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6e46e239-f01e-003a-3c1f-3f087a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c3f4d25-FRA

GET
H2 200 spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 19 KB
20 KB 61ms
56ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: ZWskDbpA4tguY75DycNraw==
age: 1100
content-length: 19873
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DA6DF70"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ea7034b1-801e-006d-7a1f-3fa649000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c404d25-FRA

GET
H2 200 spn_apoel%20footer_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 18 KB
18 KB 47ms
43ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apoel%20footer_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: bqT5Gi69cDmYsDYa4bEKsQ==
age: 1100
content-length: 18469
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D122FAB"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 92766bec-201e-0016-131f-3fe4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c424d25-FRA

GET
H2 200 spn_apollon-logo-210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 23 KB
23 KB 47ms
43ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apollon-logo-210x210_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: GASNhmiazNjE2gYaQyS6Dg==
age: 1100
content-length: 23572
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D195A91"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ab37c451-901e-0071-631f-3ff429000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c434d25-FRA

GET
H2 200 spn_fcsb%20210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 22 KB
23 KB 51ms
47ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_fcsb%20210x210%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: SBVluZQtT7yiLEiEDAA5aQ==
age: 1100
content-length: 22894
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D5F80D9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ab37c3e1-901e-0071-7e1f-3ff429000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c444d25-FRA

GET
H2 200 spn_craiova%20fc%20logo_210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 18 KB
18 KB 40ms
36ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_craiova%20fc%20logo_210x210%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62abee42f8de35bf84f870156e78a63ef9ac008a94e48924de6101eb335c1856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: OKKcJspihS+zi860B9s0Bw==
age: 1100
content-length: 18147
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D42AE4F"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5d24bc30-401e-0062-7b1f-3fd025000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c454d25-FRA

GET
H2 200 spn_Sparta.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 5 KB
5 KB 34ms
31ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sparta.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: /0mt5FHZVIAjX94uZVR7dA==
age: 661
content-length: 5318
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357E0B108E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ea7034c4-801e-006d-0d1f-3fa649000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c474d25-FRA

GET
H2 200 spn_FC%20Viktoria%20Plzen.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 17 KB
17 KB 52ms
48ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC%20Viktoria%20Plzen.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: QZwghOjpQSeiH/VC0Pp+5g==
age: 1100
content-length: 17257
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D512B17"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0123f51c-c01e-0021-391f-3f3679000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c484d25-FRA

GET
H2 200 spn_PFC%20Locomotiv.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 17 KB
17 KB 39ms
36ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_PFC%20Locomotiv.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: n8zLW8cpLiU4kbUrGnwtDw==
age: 1100
content-length: 17581
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357D9492A8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6b0d8703-301e-001a-0d1f-3f73dd000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c494d25-FRA

GET
H2 200 spn_atleticologo_whiteoutline_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 15 KB
15 KB 47ms
43ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_atleticologo_whiteoutline_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: exAxLiOKF1ZQ22Z4FzBs+g==
age: 1100
content-length: 15119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D20AC77"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6daaf566-d01e-002d-4f1f-3fa171000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c4a4d25-FRA

GET
H2 200 spn_logo_fluminense%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 23 KB
23 KB 41ms
37ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_logo_fluminense%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: 3yDwl8syJHaDX8oSywlAEw==
age: 1100
content-length: 23395
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D6DD690"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d6c05f40-d01e-005f-601f-3fa63e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c4b4d25-FRA

GET
H2 200 spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 15 KB
15 KB 51ms
48ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a95fa030fd1df8c270f9c36ffa2c8e0f359ac337e57184d2923c5926d9ce2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: Jj6jwZ8PUpg8EK5z52QngQ==
age: 1100
content-length: 15040
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D3B355D"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 2e0b5c0f-c01e-001e-7e1f-3ffeda000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c4c4d25-FRA

GET
H2 200 FBCMELGAR.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 31 KB
31 KB 40ms
37ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/FBCMELGAR.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: laAoZTUUiqFTjoKqlD93JA==
age: 1100
content-length: 31523
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DF4308E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6daaf5d3-d01e-002d-301f-3fa171000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c4e4d25-FRA

GET
H2 200 KOMETA.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 6 KB
6 KB 39ms
36ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/KOMETA.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: X1Is2lD/8CCkI96L9PqC6Q==
age: 1100
content-length: 6098
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357E025F49"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 70cd394d-e01e-0044-191f-3f983d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c4f4d25-FRA

GET
H2 200 logo_pce2.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 9 KB
9 KB 39ms
36ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo_pce2.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: Wdb5g3cD4eZh2Tm0CyXe6A==
age: 1100
content-length: 8998
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357E11ED51"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 09ab851a-701e-0024-311f-3fe4a2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c504d25-FRA

GET
H2 200 logo-betano.svg
landingpages.kaizengaming.com/de-sport/ Frame 2FED 22 KB
6 KB 55ms
52ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo-betano.svg
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: /8PMtJkMzUjtMFEegZIHcw==
age: 1100
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: W/"0x8DC0D357D0B04CC"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 229a35bf-301e-000a-3b1f-3fb6b5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 841320865c514d25-FRA

GET
H2 200 awd_egr-award-2022-operator-of-the-year.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 4 KB
5 KB 40ms
37ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-operator-of-the-year.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: aXcrchTaRow4V+J4yNZSjQ==
age: 1100
content-length: 4512
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DCE37B5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 28c2e352-601e-0017-261f-3fbb09000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c524d25-FRA

GET
H2 200 awd_egr-award-2022-sports-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 5 KB
5 KB 40ms
37ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-sports-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: eXjGNE64RFjnYc6aOBQYqw==
age: 1100
content-length: 4692
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DDC8D6A"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fe396864-f01e-0005-101f-3fc0d9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c534d25-FRA

GET
H2 200 awd_egr-award-2021-football-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 6 KB
6 KB 56ms
54ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-football-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: QL48N56WPpNnD2BJCbdfrQ==
age: 1100
content-length: 6010
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C70627F"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 9c3e8345-301e-0035-611f-3f7e16000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c544d25-FRA

GET
H2 200 awd_egr-award-2021-customer-services.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 4 KB
5 KB 42ms
39ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-customer-services.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: p3VebR5AVw3QzT/Awp05+w==
age: 1100
content-length: 4583
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C68746C"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4f16724d-a01e-0018-5e1f-3fcd65000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c564d25-FRA

GET
H2 200 awd_egr-award-2019-mobile-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 6 KB
6 KB 58ms
56ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2019-mobile-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: 44fs+40EJE8j1DmLrNorsQ==
age: 1100
content-length: 6296
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C5DA09A"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f9b78e1e-201e-0064-581f-3fe39a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c574d25-FRA

GET
H2 200 awd_sbc-awards.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 6 KB
6 KB 57ms
55ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_sbc-awards.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: +S8h4H5YiK6h8Y4RwrAOJQ==
age: 1100
content-length: 6301
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C90DDF5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fe39686e-f01e-0005-1a1f-3fc0d9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320865c584d25-FRA

GET
H2 200 icon-ios.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 6 KB
6 KB 55ms
53ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-ios.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: j0GjjlDNvp6PdAbk4d+Rqg==
age: 1100
content-length: 5932
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CD6B62E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a023b89f-401e-002f-081f-3f1fc9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320866c594d25-FRA

GET
H2 200 icon-android.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 6 KB
6 KB 59ms
57ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-android.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: Xcsdo6ehQR3VQfTMT595Zw==
age: 1100
content-length: 5944
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CC0244B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: db20beff-a01e-0027-1e1f-3f05c6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320866c5a4d25-FRA

GET
H2 200 icon-instagram.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 2 KB
2 KB 56ms
54ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-instagram.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: AUubypnMN2JeRlPkf9zpnQ==
age: 1100
content-length: 2235
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CCFD966"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 68599c68-b01e-002b-2f1f-3f92ce000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320866c5c4d25-FRA

GET
H2 200 icon-facebook.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 1 KB
2 KB 59ms
57ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-facebook.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: DmyyMSlBYTT52o9Zn45TeA==
age: 1100
content-length: 1446
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CC72817"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f92bf8cd-701e-0034-741f-3f21ca000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320866c5e4d25-FRA

GET
H2 200 icon-youtube.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 2 KB
2 KB 60ms
58ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-youtube.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: Io37aBC4ERo7T8rJ2LvIeQ==
age: 1100
content-length: 1674
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357CEC5DCD"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 637da297-601e-0028-6b1f-3f73aa000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320866c5f4d25-FRA

GET
H2 200 icon-linkedin.png
landingpages.kaizengaming.com/de-sport/ Frame 2FED 2 KB
2 KB 48ms
47ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-linkedin.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
cf-cache-status: HIT
content-md5: T9Bl2/9ajIjSJ/Oj1zQkFw==
age: 1100
content-length: 1615
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CDDBA00"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 82448ad8-401e-005d-131f-3f1886000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 841320866c614d25-FRA

GET
H2 200 dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
adservice.google.com/ddm/fls/z/ Frame 06D2 42 B
401 B 83ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Requested by

Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CNay4obByIMDFbfLOwIdMTcBTg;src=12738953;type=despo0;cat=despo0;ord=2563273487739;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12738953.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=...
adservice.google.com/ddm/fls/z/ Frame 0E16 42 B
107 B 82ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Requested by

Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPHI4obByIMDFbLiOwId5OAH7g;src=12738953;type=deaff0;cat=deaff0;ord=176614873892;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12738953.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/763238947/ Frame 2FED 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1704535363426&cv=11&fst=1704535200000&bg=ffffff&guid=ON&async=1&gtm=45He4130v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_JlTe5Jd0DxjOFf2Uj1JY4MwB4o9q2cQ22lcVnjzhdqFRhnvD&random=2472143112&rmt_tld=0&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/763238947/ Frame 2FED 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1704535363426&cv=11&fst=1704535200000&bg=ffffff&guid=ON&async=1&gtm=45He4130v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_JlTe5Jd0DxjOFf2Uj1JY4MwB4o9q2cQ22lcVnjzhdqFRhnvD&random=2472143112&rmt_tld=1&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 137000673.js Show response
bat.bing.com/p/action/ Frame 2FED 0
117 B 82ms
82ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137000673.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 06 Jan 2024 10:02:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB3268036C9043DFB800A12FDC7F68AF Ref B: FRAEDGE1206 Ref C: 2024-01-06T10:02:43Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 2FED 0
286 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=d4dd01c3-adb9-4ec5-80f8-bd270aa5ce31&sid=bc09af60ac7a11ee92651f150ed90510&vid=bc09ac80ac7a11ee9265134c7de36268&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BETANO%20MODE&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=663&evt=pageLoad&ifm=1&sv=1&rn=833060

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 Jan 2024 10:02:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A78CCFD879BC4F55B94633969BE43665 Ref B: FRAEDGE1206 Ref C: 2024-01-06T10:02:43Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 1755 196 KB
55 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:30 GMT
age: 252853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1755 15 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:30 GMT
age: 252853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1755 95 KB
28 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:30 GMT
age: 252853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1755 5 KB
2 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 11:48:31 GMT
age: 252852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 02 Jan 2025 11:48:31 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1755 40 KB
13 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 11:22:55 GMT
age: 81588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Jan 2025 11:22:55 GMT

GET
DATA 200
OK truncated
/ Frame 1755 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67078a9c984bc9b8a542cb3d148873ee63016a866833f525abdad90182883174

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5237683046968805582
tpc.googlesyndication.com/simgad/ Frame 1755 50 KB
50 KB 11ms
10ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5237683046968805582?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmVxqBVapfvZYKk9QW2TJVZmRSkXg

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ab1755b129721840ab8f1871bb1d4a65eb146bee3bce526b07fa6b666d30ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:00:14 GMT
x-content-type-options: nosniff
age: 126149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51238
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 11:33:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Jan 2025 23:00:14 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1755 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:34:10 GMT
x-content-type-options: nosniff
server: cafe
age: 19713
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Jan 2024 04:34:10 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1755 344 B
474 B 9ms
8ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 44047
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 06 Jan 2024 21:48:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1755 0
0 22ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1b3VaJ5E5QuCAKNOffeLL1GSLHcId8g5mSkF5hbpWHOj8ux_qJ6YzT6LKFCoIh_IBtQ4V8sB6DxIkNeUCR7-gyJQomg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 64ee070c262380ef28e936b2 Show response
visuals.kaizengaming.com/a/ Frame 4374 64 KB
21 KB 124ms
109ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 8413208699a5912a-FRA
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

POST
H2 200 / Show response
api-js.datadome.co/js/ Frame 2FED 230 B
408 B 53ms
8ms XHR
application/json 3.127.187.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.betano.de
URL: https://dd.betano.de/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.187.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-187-60.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 25a4a0b8740a228213c756585d25cceb5d8dff267c7432690fde4ec8fe57989f

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 230
expires: 0

GET
H2

200

main.js Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 1A97
Redirect Chain

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

20ms
19ms

Script
application/javascript

2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=

Protocol

Server

2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bdaf88913be5977438818f0bceefab996176f09541ae82ffa7a4d4a047ed072

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84132086d9d5912a-FRA

Redirect headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 84132086a9b6912a-FRA

GET
H2 200 /
www.facebook.com/tr/ Frame 2FED 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1704535363630&sw=1600&sh=1200&v=2.9.139&r=stable&a=tmgoogletagmanager&ec=0&o=4126&ler=other&it=1704535363517&coo=false&rqm=GET

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 Jan 2024 10:02:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 59013e41-1b63-4d8e-a887-ea6d3795d988.js Show response
tr.snapchat.com/config/de/ Frame 2FED 177 B
445 B 53ms
17ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.8.0-2401042024

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Origin: https://promos.betano.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame EDB2 0
201 B 53ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=eaabc8b0-f11d-480b-be88-7d3c8ec82588&u_sclid=16d818f4-0f05-49e0-8c24-41bb6d90bbaa

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 10:02:43 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ Frame 2FED 68 B
297 B 53ms
19ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_c1=acf4fc0c-e886-42ac-abc2-c4e619ba06e0&u_sclid=16d818f4-0f05-49e0-8c24-41bb6d90bbaa&u_scsid=eaabc8b0-f11d-480b-be88-7d3c8ec82588&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=663&m_ic=true&m_pi=658&m_pl=0&m_pv=2&m_rd=1032&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=7ad1e10d-a8e0-4fef-ad16-dc816cb76d83&ts=1704535363654&v=3.8.0-2401042024

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 2FED
Redirect Chain

https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.d...
https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betan...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos....

121 B
723 B

25ms
25ms

Script
text/javascript

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 194
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=941615969683&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 2FED
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=536898526216&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2F...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=536898526216&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspak...

125 B
725 B

26ms
26ms

Script
text/javascript

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=536898526216&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 196
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=536898526216&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1755
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

16ms
16ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Jan 2024 10:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5237683046968805582
tpc.googlesyndication.com/simgad/ Frame 1755 50 KB
50 KB 7ms
7ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5237683046968805582?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmVxqBVapfvZYKk9QW2TJVZmRSkXg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ab1755b129721840ab8f1871bb1d4a65eb146bee3bce526b07fa6b666d30ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:00:14 GMT
x-content-type-options: nosniff
age: 126149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51238
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 11:33:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Jan 2025 23:00:14 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1755 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:34:10 GMT
x-content-type-options: nosniff
server: cafe
age: 19713
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Jan 2024 04:34:10 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1755 344 B
368 B 11ms
11ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 44047
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 06 Jan 2024 21:48:36 GMT

POST
H2 200 84132085c936912a Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1A97 0
255 B 38ms
38ms XHR
text/plain 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/84132085c936912a
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 841320879a43912a-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 1x1.gif
a.mgid.com/ Frame 2FED 43 B
107 B 115ms
114ms Image
image/gif 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Flp.cleverwebserver.com%2F&nv=0&clid=&d=1704535363781

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 84132087aeb63609-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 document.000000CF16561F.js Show response
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/ Frame 4374 177 KB
27 KB 30ms
30ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/document.000000CF16561F.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: rIrlDQ43Y2HScKgRpGejWA==
age: 893
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 15:35:17 GMT
server: cloudflare
etag: W/"0x8DBE6B9A2912048"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d8cfdf75-801e-006c-57c0-213e44000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 84132087ba5f912a-FRA
expires: Sun, 05 Jan 2025 09:47:50 GMT

GET
H2 200 animated-creative.381532d5d5de3962867f.js Show response
visuals.kaizengaming.com/scripts/ Frame 4374 156 KB
53 KB 28ms
27ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 7/+J+TpFL/6K7/yG6MNwEg==
age: 893
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 09:16:12 GMT
server: cloudflare
etag: W/"0x8DBE4F258FA183A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4cf06cbc-901e-005f-1b83-2261ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 84132087ba60912a-FRA
expires: Sun, 05 Jan 2025 09:47:50 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1755 0
0 52ms
52ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3oxNQyWZZfD9DIiq3gOIw7UI6-nvlnWQ2pXWuRIKEAEg3dauHmCV4pCCoAegAeyz8sAByAEC4AIAqAMByAMIqgS-Ak_QAhIJvbA2c4bDA1xiezFgZFLMVd_-qgKfmzPKmgL3kIzao3qA__KCbmNwvBT9o033n7MUaKRhMYovqggGVmv4hHgdmzP56tmXB4VgIxwDMo0pc11rD9ndFp9hku6iGpjZR3ahKwpY5oCRKWFrpsz-IO2rg_ZZB8Coh84qCZcv26Wy9V4vzQEGWfDZPD6ho7AlMJYA8hPaJZQCLfQwdzglp62ocPE24R8_ceTgWs5TqyiS15dAPPNv9PVtVidaMHFK5XScTYQghb58lOmEVbQ3KPRd_mpCfOxC1la1ZThsVlPI5yr6HigMYBc4mH-OiPYCZ0wYnLHa2y62duEUL4GfMgKPPJmyJN-UuF7Y4dElR8y9KLIbF2VExALogg_NFXUHUhIsIfVYNATItQXoknw5X0fU4GSJkho8SWMxe8AE4NflquEE4AQBiAWMkerdTZIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEP6oBtIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYmqb5hcHIgwOaCSNodHRwczovL21hZG11c2NsZXMuY29tL2RlL3N0ZXAtZ29hbIAKA8gLAaIMCCoGCgSsurEC4g0TCOjV-YXByIMDFQiVdwodiGENAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi05MDQ1ODA3MDQyNjA0MDUzGOGeBw&sigh=1i6R1GCGx8s&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_jcqj7pliKC46S3FU743tNSKzmrbzzRRvElIVpktAib41BtpoPERVywBL7sc3y_ntHJF9vWEpsRgB&cbvp=2
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 200 p
tr6.snapchat.com/ Frame 2FED 0
42 B 34ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dw-check.html Show response
experiences.mrf.io/marfeelpass/statics/ Frame B328 3 KB
1 KB 94ms
34ms Document
text/html 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3900
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 84132088cd1506c0-AMS
content-encoding: gzip
content-type: text/html
date: Sat, 06 Jan 2024 10:02:43 GMT
last-modified: Thu, 23 Nov 2023 12:08:24 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time: 3

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 140 B
836 B 455ms
437ms XHR
application/json 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 18032affb0c1305407ce00a21a9dcfe45fe754200ff745b8be08cfaebd0316d1

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
server: cloudflare
etag: W/"8c-LrSRRyAmoxENk9FYkT/1FmiMGWA"
vary: Origin
access-control-max-age: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJKW7DAXduKuaP8d7RQ3LA5R%2FvaSemONARHEOCw1jNorzM%2BNd5HtWjZvkIkhtq9ef%2FVdL3yFvirNyQEGXDz2IUkk8fQW1z4C1WABRcxiBAcrSMzYLY57TJKUxsDqJw%2Bwa1ec7oMO78vfbP1YvHljQhOrRlLUzGs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8413208888149128-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
60ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9ce37ce650098f2c3b2f89416a469725a5578d5f050b6bce20b783e1902799f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12068
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E660F2DE11244C68ADF470FCBD8EF6E0&RedC=c.clarity.ms&MXFR=1936F609526961270C23E5F756696FF9
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E660F2DE11244C68ADF470FCBD8EF6E0&MUID=3784A08D195C6A760118B373188E6B82

42 B
440 B

26ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E660F2DE11244C68ADF470FCBD8EF6E0&MUID=3784A08D195C6A760118B373188E6B82
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EFEDD8A5158B4C1288B72F17C898886E Ref B: FRAEDGE1206 Ref C: 2024-01-06T10:02:44Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E660F2DE11244C68ADF470FCBD8EF6E0&MUID=3784A08D195C6A760118B373188E6B82
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
795 B 20ms
20ms Ping
application/json 162.19.96.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy03.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Jan 2024 10:02:43 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
DATA 200
OK truncated
/ Frame 4374 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 9a6193a3-650e-42dc-8387-7921f9284c08 Show response
https://visuals.kaizengaming.com/ Frame FD33 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://visuals.kaizengaming.com/9a6193a3-650e-42dc-8387-7921f9284c08
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 4374 3 KB
4 KB 33ms
32ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F4391e467-37b3-4742-bea0-3fd8d7724a46.woff&t=%20EGIJNRSTZ
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497348e51ea27e714889eaab2cd8486a0b12ecf269ea35f3f7c35d1250b457b9

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:36:01 GMT
server: cloudflare
age: 2075203
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=4391e467-37b3-4742-bea0-3fd8d7724a46-subset.woff
cf-ray: 84132088daf5912a-FRA
expires: Sun, 05 Jan 2025 10:02:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 10:02:44 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 4374 17 KB
17 KB 30ms
30ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F043e3f84-365c-4321-9c90-7c1294855724.woff&t=%2008ACDEHILNSTVabcdefghilnorstuz%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4400edf65fd8568a5cbb075ba6163f107075cb3f88ce6ce2472383d6309ff989

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:37:20 GMT
server: cloudflare
age: 2075124
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=043e3f84-365c-4321-9c90-7c1294855724-subset.woff
cf-ray: 841320891b11912a-FRA
expires: Sun, 05 Jan 2025 10:02:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55EB 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 22:48:15 GMT
expires: Sat, 04 Jan 2025 22:48:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E4EC 829 B
561 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8838a8c81d4c2821dbe6c5ae1dbe43247e1080d8161171c948719e5a60d6dd24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ia-QYGuVozVU9RheuIn1Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ia-QYGuVozVU9RheuIn1Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 10:02:44 GMT
expires: Sat, 06 Jan 2024 10:02:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 55EB 39 KB
15 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 22:48:15 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 4374 6 KB
6 KB 38ms
38ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fb2261d2b-270d-4a56-995b-9f25df05ffcd.woff&t=%20%25-012ABEFINORSTUW%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4e3e58eddeee41095d85f963a15fadbfe38517d06b418710059637840c9f6a

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:37:22 GMT
server: cloudflare
age: 2075122
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=b2261d2b-270d-4a56-995b-9f25df05ffcd-subset.woff
cf-ray: 841320894b29912a-FRA
expires: Sun, 05 Jan 2025 10:02:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E4EC 0
0 47ms
41ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=2846208819070947&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 200 p
tr.snapchat.com/ Frame 2FED 0
92 B 19ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 4374 5 KB
5 KB 35ms
35ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0ff439d2-b12a-430f-bbee-4de7ec22a2af.woff&t=%20ACDEHIKLMNOPRSTW
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb588f9a7cda5153f6b4b89358fcc21afd8775a8225d00f961d4f8f821ac7c1

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:37:23 GMT
server: cloudflare
age: 2075121
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=0ff439d2-b12a-430f-bbee-4de7ec22a2af-subset.woff
cf-ray: 841320898b42912a-FRA
expires: Sun, 05 Jan 2025 10:02:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 55EB 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rZv9VA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 334 KB
334 KB 44ms
41ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 00:34:30 GMT
api-supported-versions: 2.0
server: cloudflare
age: 34094
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8be7912a-FRA
content-length: 341852
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 56 KB
56 KB 49ms
46ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe77d9c26-6f64-4321-aa40-30bf97eaa85e.png&w=264&h=327&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 01:33:03 GMT
api-supported-versions: 2.0
server: cloudflare
age: 30581
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8be8912a-FRA
content-length: 56928
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 30 KB
30 KB 48ms
46ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F251cd259-6273-46b5-bbf2-d9de173c45ee.png&w=217&h=217&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 00:34:29 GMT
api-supported-versions: 2.0
server: cloudflare
age: 34095
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8be9912a-FRA
content-length: 30628
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 13 KB
13 KB 49ms
46ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fd8aa5a9f-d88c-48e4-816d-106a562da729.png&w=133&h=185&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 00:34:29 GMT
api-supported-versions: 2.0
server: cloudflare
age: 34095
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8bea912a-FRA
content-length: 13040
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 11 KB
11 KB 49ms
47ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fc0d9d4c9-d111-4df6-949b-4916fa35a25c.png&w=125&h=120&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 00:34:29 GMT
api-supported-versions: 2.0
server: cloudflare
age: 34095
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8beb912a-FRA
content-length: 11302
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 6 KB
7 KB 42ms
40ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F6fa76e81-1a2f-4336-a8b6-1baee8c06025.png&w=90&h=37&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 09:39:38 GMT
api-supported-versions: 2.0
server: cloudflare
age: 1386
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8bec912a-FRA
content-length: 6620
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 16 KB
16 KB 32ms
29ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff9124f75-1c52-4bea-af06-084d845e611d.png&w=162&h=164&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 00:34:29 GMT
api-supported-versions: 2.0
server: cloudflare
age: 34095
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8bed912a-FRA
content-length: 16182
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 28 KB
28 KB 40ms
38ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fcb9e21a8-9abc-4102-a538-be570b2404b3.png&w=356&h=254&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 00:34:29 GMT
api-supported-versions: 2.0
server: cloudflare
age: 34095
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8bee912a-FRA
content-length: 29032
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 172 KB
173 KB 49ms
47ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F532cefbc-9131-47e7-b840-a3e13b61dfe8.png&w=604&h=697&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 00:34:30 GMT
api-supported-versions: 2.0
server: cloudflare
age: 34094
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8bef912a-FRA
content-length: 176540
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 7 KB
7 KB 41ms
39ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff1514e3a-d99a-4082-a246-cf6c57fa525d.png&w=150&h=80&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 01:33:04 GMT
api-supported-versions: 2.0
server: cloudflare
age: 30580
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8bf0912a-FRA
content-length: 6958
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 1E07 8 KB
8 KB 49ms
47ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F7a763a39-7916-445d-8fae-a6216e685905.png&w=174&h=69&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 01:33:04 GMT
api-supported-versions: 2.0
server: cloudflare
age: 30580
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8413208a8bf1912a-FRA
content-length: 7696
expires: Sun, 07 Jan 2024 10:02:44 GMT

GET
H2 200 a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 462 B
433 B 29ms
28ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: db1RviXCYsfCGJyPhdZBgQ==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082775296F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4cf01a87-901e-005f-6783-2261ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bf2912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 e97b0b38-2076-4e93-b438-b20020972f61.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 712 B
521 B 33ms
32ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/e97b0b38-2076-4e93-b438-b20020972f61.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Wj2Rm4rI4ts1bvK6/OwKuA==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278220AD"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8861cae2-201e-004a-155e-14765c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bf3912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 716 B
812 B 38ms
37ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: wOI1kvcZ2lxVvarwrZkpVw==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827807321"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 494b58cc-901e-003d-7dfe-23a3c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bf4912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 699 B
521 B 42ms
40ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 6T5iHY4kR/cqRXlJfcIgeg==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827A0A29B"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 250434c9-b01e-0005-7c97-330708000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bf5912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 50881c1d-287e-498a-abef-0967eee64053.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 705 B
519 B 35ms
33ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/50881c1d-287e-498a-abef-0967eee64053.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: OGNNML/bbmYzG3WVI4K2vw==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082797A2B0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b10b840e-501e-0050-42f9-231783000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bf7912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 68caeb64-8770-4732-8cdc-b287d26e232f.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 711 B
542 B 33ms
32ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/68caeb64-8770-4732-8cdc-b287d26e232f.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: H8vQZgECIVhMUK6iBn/x3A==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278D9165"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9fb587c9-a01e-0054-3c49-149a84000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bf8912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 713 B
807 B 27ms
26ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: PGPRbIvWC6EgP2XMl5G9Xw==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279A137F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4f744b49-101e-0041-0abe-218d37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bfb912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 701 B
521 B 39ms
38ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kbsYe45EOgyN0lklvpvsrA==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279B4BE1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 63adbf05-701e-0025-6059-237caf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bfc912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 4d170477-b2d8-4716-ba89-5383a384fb5e.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 701 B
516 B 35ms
34ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/4d170477-b2d8-4716-ba89-5383a384fb5e.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: CP5dckuzFGRJ6dKK7x8ltA==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827905047"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e33954ca-501e-0022-05d2-2110cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a8bfd912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: dIIZsAgREGCk+L7z+CtKvA==
age: 898
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 10:33:34 GMT
server: cloudflare
etag: W/"0x8DB998D3FC6613A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ae207750-d01e-0013-7140-23f1df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a9bfe912a-FRA
expires: Sat, 06 Jan 2024 13:47:46 GMT

GET
H2 200 7d019101-6c40-47bf-b456-9289e9bf3d69.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 454 B
467 B 36ms
35ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/7d019101-6c40-47bf-b456-9289e9bf3d69.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Fe9zUTUCieFRBF6mOTWgjw==
age: 1110
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CD7BF6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 69271daa-601e-0064-1565-0c1cbe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a9bff912a-FRA
expires: Sat, 06 Jan 2024 13:44:14 GMT

GET
H2 200 f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 1E07 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 52m6i3E5yoDqe8bIckaoJg==
age: 1533
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CF5095"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cef65eb4-101e-0033-361b-198a78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 8413208a9c00912a-FRA
expires: Sat, 06 Jan 2024 13:37:11 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 878F 28 B
58 B 22ms
22ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704535364265
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKV0RuYmw1c21ETSjByuSsBjIKCgJERRIEEgAgJQ%3D%3D
X-YouTube-Ad-Signals: dt=1704535362117&flash=0&frm=2&u_tz=60&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKqIBB5Ieia2KP8gdmH6VNwDBwfZl_nDezf-osBHGnJX2Erod462J7pGZ_aJ1rgvfTlIztUNqoYLAucGJCCIIV12VAB_wg

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:44 GMT

POST
H2 200 /
visuals.kaizengaming.com/tr/v2/pixel/ Frame 4374 0
72 B 110ms
110ms Ping
text/plain 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/tr/v2/pixel/
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413208aec27912a-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1C04 28 B
59 B 20ms
19ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704535364332
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKV0RuYmw1c21ETSjByuSsBjIKCgJERRIEEgAgJQ%3D%3D
X-YouTube-Ad-Signals: dt=1704535362169&flash=0&frm=2&u_tz=60&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKosbcJgoAqZzRpN6279ssmJo70at4JBDXqwGJBT1-mOUreczeLDK2z4wYENvD5pba-E-URafbS2rpTeJC_f350NPjk4pw

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:44 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4D6A 28 B
60 B 19ms
19ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704535364432
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKV0RuYmw1c21ETSjByuSsBjIKCgJERRIEEgAgJQ%3D%3D
X-YouTube-Ad-Signals: dt=1704535362174&flash=0&frm=2&u_tz=60&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKokX79RKmwvhU_XSzSeuKwK2Ra9Zv3pLcPe755VnGWirWW5LG2U99vQy_rtyrXPZFGMHR2WUxJeR6CC58ay1R6WwYfqFA

Response headers

date: Sat, 06 Jan 2024 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 10:02:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=2846208819070947&bg=!PT6lPnHNAAY3kmNgF5I7ADQBe5WfOI9rfzw_oA-CjR7eH7xGlJper-VsbseBWa5xZv5bTmcmbSOuAnukYzHxrw7pZpgzAgAAAMZSAAAAAWgBB5kC5fyzTgCBEyrnRp47O8GXPfuQ5tAuUnr_xXRNvgPZC46jCq4Hl0C5dVVF9nUOTB0Zj3aNUGxr-kvgVF9evIJaJVIp2sgIIMBX_Q0t8Wg1O3EQIa2yhpQ3JOSJ3WYqJR_N4fPmOKkx1lS6A6mC-tBdSildsEFQ55oPWtsmPu3EblOmJvsnjXf_z3IqoQoXxJby9dZsIvDdgyb0jfhEHNRrajpIzs7lI5lVH_sP9CSFbzZ4rxX53LLsg8BQXuYeU4n4d-2NdTD0RKnlQP3m0-DUNr_nrc_2F50wbeboE1iONPKU-gUyLofk9JHp1aXrIplddtMDRWzdoN1RtrTjljyb2nJcAGQnbci7LCtV9K9SLEbakAKjsNrtUP2lYE7uupJwo2Msz_bCutUc_pDfy60hIFzxKZRs3wEo5x4PiiOGF0eiIA9Welh8rj52fPgv0zQuJG2a_JM7SCgbNOu5fEhNj8PFnDsCiqG_viJm4EcrT7l6Q85elQ9SsChemZx2NIXeq9eCEUQAjhk1MlIM2_p2OV7ZyeW90mLK7iHgRJ17R997J47piECzwBvQOGM92FZskMtSrl_8UnE5qZw6Bz6-ApqR1E_xogGxPeLt9mQnI3hcUP3yF0wQduZmbX8j_4WTvlKueIvYTuj3cQc4VnG15CHNfj5ka1cVZgBocG6FTQz19851V-pTn-aHFkSY3K9TgijAweA4vmNey9dHYCXP_Fg-WUhBRh6HgxxlHJ2xC-doGPB1-dRLP2Ew_GbR6nKb_gDVo6w3FF7xny0ooE_dNx4GPmImOLCQlAsVS6X9W4unzFamVJvr-Hu_784q78M1Y7v0f1NAeudyqHQIaomKdPKUgkLm9Xc5cDIjJOwDStfaY5CSLVaBaEcF2bGyeXGwVEwrQJe8ZCbXtUKnTfsvezNmb0sL_LIC0caVflvnFO-MMAFLkt69xUwCk4o2R0GaaBmCoD2c95agH_1R9W61A87dlldMdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
315 B 94ms
93ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 10:02:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3DESQCJNQ5&gtm=45je4130v871351496&_p=1704535359438&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=16618184.1704535360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704535359&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&_s=2&tfd=10319
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
438 B 131ms
131ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Apr 2023 18:41:30 GMT
server: cloudflare
etag: W/"642f125a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8413209aa9059bf2-FRA
expires: Sat, 06 Jan 2024 11:02:46 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 49ms
9ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date: Sat, 06 Jan 2024 10:02:46 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id: NQXE11X5K8H8AYEK
etag: "ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3418
x-amz-id-2: jdtuVk7eGo46a+WmTzRlvYujzFiLhXywO2mCBLWv/7FJbfBJdKJ1pUw5yufRYL5B6NXXMm6UeC4=

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
358 B 68ms
38ms Fetch
text/plain 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Jan 2024 10:02:46 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sat, 06 Jan 2024 10:02:46 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 1 KB
840 B 142ms
141ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3feed4697823ecb36274293788d6bd53fb576ff180d1e086f222679d19dc9814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Sat, 06 Jan 2024 10:02:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 8413209b79909bf2-FRA
expires: Sat, 06 Jan 2024 11:02:47 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
57 B 137ms
136ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=13ee08865b800a0155acade58710%7C0&acc=46575&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413209c5a0f9bf2-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=red&dsp=75
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
https://sync.navdmp.com/sync?prtid=25&sclid=a02cf4c9-4725-9965-35cb-e8bb9697b768

6 B
57 B

136ms
136ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=25&sclid=a02cf4c9-4725-9965-35cb-e8bb9697b768
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413209caa349bf2-FRA
content-length: 6
content-type: application/javascript

Redirect headers

date: Sat, 06 Jan 2024 10:02:47 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.navdmp.com/sync?prtid=25&sclid=a02cf4c9-4725-9965-35cb-e8bb9697b768
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZZklRwAMeBqFOABU
https://sync.navdmp.com/sync?prtid=17&tubid=ZZklRwAMeBqFOABU&_test=ZZklRwAMeBqFOABU

6 B
57 B

135ms
135ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=17&tubid=ZZklRwAMeBqFOABU&_test=ZZklRwAMeBqFOABU
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413209d3a859bf2-FRA
content-length: 6
content-type: application/javascript

Redirect headers

x-served-by: cache-fra-eddf8230119-FRA
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704535367.225154,VS0,VE0
x-cache: HIT
location: https://sync.navdmp.com/sync?prtid=17&tubid=ZZklRwAMeBqFOABU&_test=ZZklRwAMeBqFOABU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0
https://sync.navdmp.com/sync?prtid=21&dynid=8976906833763015229

6 B
57 B

136ms
136ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=21&dynid=8976906833763015229
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413209d2a819bf2-FRA
content-length: 6
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=21&dynid=8976906833763015229
date: Sat, 06 Jan 2024 10:02:46 GMT
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=85597914715?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
https://sync.navdmp.com/sync?prtid=38&lotid=

6 B
57 B

133ms
133ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=38&lotid=
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8413209cfa5e9bf2-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.navdmp.com/sync?prtid=38&lotid=
cache-control: no-cache
x-server: 10.45.13.117
content-length: 0
expires: 0

GET
H2 200 31435 Show response
tags.bluekai.com/site/ 62 B
218 B 189ms
153ms Script
image/gif 95.100.81.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/31435?id=85597914715&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.81.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-81-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 06 Jan 2024 10:02:47 GMT
content-length: 62
content-type: image/gif

GET
H2 200 cm Show response
trc.taboola.com/sg/navegg/1/ 43 B
374 B 15ms
15ms Script
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sg/navegg/1/cm
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sat, 06 Jan 2024 10:02:47 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7403
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230051-FRA
pragma: no-cache
server: nginx
x-timer: S1704535367.099135,VS0,VE9
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
338 B 115ms
32ms Script
text/plain 52.214.3.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=13ee08865bb9fcac1fe3392c0a10
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.3.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-3-70.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Sat, 06 Jan 2024 10:02:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1704535367
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=822&dpuuid=85597914715&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597914715%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=85597914715&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597914715%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://sync.navdmp.com/sync?id=85597914715&adID=06139872236752271833559057114793391891&img=1

43 B
95 B

133ms
133ms

Image
image/gif

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?id=85597914715&adID=06139872236752271833559057114793391891&img=1
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 8413209d4a8d9bf2-FRA
content-length: 43
content-type: image/gif

Redirect headers

dcs: dcs-prod-irl1-1-v054-04bfcd41e.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: b4Shpym4Tgo=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://sync.navdmp.com/sync?id=85597914715&adID=06139872236752271833559057114793391891&img=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.navdmp.com%2Fsync%3FappNx%3D%24UID%26img%3D1
https://sync.navdmp.com/sync?appNx=248828268638086159&img=1

43 B
95 B

129ms
129ms

Image
image/gif

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?appNx=248828268638086159&img=1
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 8413209cba3b9bf2-FRA
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 10:02:47 GMT
an-x-request-uuid: 465c8290-0abd-44bf-a153-e051db419904
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.navdmp.com/sync?appNx=248828268638086159&img=1
x-proxy-origin: 146.70.117.70; 146.70.117.70; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 105ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

0
75 B

16ms
16ms

Image
text/plain

5.196.111.72
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 5.196.111.72 , France, ASN16276 (OVH, FR),
Reverse DNS: ip72.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 10:02:47 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma: no-cache
date: Sat, 06 Jan 2024 10:02:47 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
315 B 96ms
96ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 10:02:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=0w6A-27w0yk36xfq&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&lact=1889&cl=595207588&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=3239&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C19571%2C6117%2C9541%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C3616%2C1067%2C1360%2C8314%2C280%2C2008%2C4552%2C1900%2C3127%2C1919%2C3033%2C6675%2C4474&muted=0&docid=QapS58_46_U

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=2B4bwEiUxmujnwc2&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&lact=1835&cl=595207588&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=3339&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153830%2C23133%2C53633%2C84737%2C25688%2C9541%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C3577%2C1106%2C1360%2C8313%2C281%2C2008%2C4552%2C6670%2C276%2C3033%2C6675%2C4473&muted=0&docid=OsCp2pYT2_A

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=J0sohzxTkTH-JN7Z&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&lact=2105&cl=595207588&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=885&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153832%2C23131%2C53633%2C84737%2C19570%2C6118%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C1904%2C1711%2C1068%2C1360%2C8594%2C2008%2C4552%2C3756%2C1270%2C1921%2C3032%2C6675%2C4473&muted=0&docid=2pR204OZkqw

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7

Domain: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CMjD3IbByIMDFebLOwIdJXgPGg;src=12738953;type=despo0;cat=despo0;ord=1708427651;~oref=https%3A%2F%2Fpromos.betano.de%2F?

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:30:21	Name: X-AB Value: dc4e3509882e40c68a170453af779220
diariodonordeste.verdesmares.com.br/	1970-01-20 17:39:00	Name: __goc_session__ Value: bpdbzlbcqcnhipuhiossgdxtjsymuqhx
.verdesmares.com.br/	1970-01-20 19:38:31	Name: _gcl_au Value: 1.1.1916853785.1704535360
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lYmoOukS3Rs
.youtube.com/	1970-01-20 21:48:07	Name: VISITOR_INFO1_LIVE Value: JWDnbl5smDM
.navdmp.com/	1970-01-21 02:14:52	Name: ac3 Value: 1
.verdesmares.com.br/	1970-01-20 17:30:21	Name: _gid Value: GA1.3.1011405019.1704535360
.verdesmares.com.br/	1970-01-20 17:28:55	Name: _gat_UA-41498495-1 Value: 1
.doubleclick.net/	1970-01-21 02:50:31	Name: IDE Value: AHWqTUmMyY4Eq1UoA8i14L0LBzjYkuwln2qY9RNcZesGM2wC17EnGczClOUht0Gx
diariodonordeste.verdesmares.com.br/	1970-01-21 02:50:31	Name: _scor_uid Value: d4d270e25ab1401eb7884afbcc56ac76
.verdesmares.com.br/	1970-01-20 19:38:31	Name: _fbp Value: fb.2.1704535360127.309122595
diariodonordeste.verdesmares.com.br/	1970-01-21 02:14:31	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D27541587-854d-4caf-858c-e80715aa33cc-tuctc92aabf
.verdesmares.com.br/	1970-01-21 02:14:31	Name: nvg82438 Value: 13ee08865b2500c51ef0db623c10\|0_7
.yahoo.com/	1970-01-21 02:14:52	Name: A3 Value: d=AQABBEAlmWUCEIwqxHoyWU85lVm_2PgVrV0FEgEBAQF2mmWjZeAKyiMA_eMAAA&S=AQAAAsvJmHWk7t2jBzuT49iX7U8
.mathtag.com/	1970-01-21 02:54:50	Name: uuid Value: 954b6599-2540-4500-a121-450832876a99
.verdesmares.com.br/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1704535361%2C%22currentVisitStarted%22%3A1704535361%2C%22sessionId%22%3A%222aa75fce-4810-4e13-b825-81f5db6e2a8d%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//diariodonordeste.verdesmares.com.br/%22%2C%22referrer%22%3A%22%22%7D
.verdesmares.com.br/	1970-01-20 21:50:56	Name: ___nrbi Value: %7B%22firstVisit%22%3A1704535361%2C%22userId%22%3A%225a52e6a9-6241-4559-9ef9-8e06c68589a6%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1704535361%2C%22timesVisited%22%3A1%7D
.verdesmares.com.br/	1970-01-20 21:50:56	Name: compass_uid Value: 5a52e6a9-6241-4559-9ef9-8e06c68589a6
events.newsroom.bi/	1970-01-20 21:48:07	Name: 391_u Value: 5a52e6a9-6241-4559-9ef9-8e06c68589a6
events.newsroom.bi/	1969-12-31 23:59:59	Name: 391_s Value: 2aa75fce-4810-4e13-b825-81f5db6e2a8d
events.newsroom.bi/	1970-01-20 18:12:07	Name: 391_lv Value: null
events.newsroom.bi/	1970-01-20 18:12:07	Name: 391_ut Value: 0
www.clarity.ms/	1970-01-21 02:14:31	Name: CLID Value: 3a9b2eeee4a64dc0bee7a3ed225162e7.20240106.20250105
.verdesmares.com.br/	1970-01-21 03:04:55	Name: _ga_6Y13KJ1H5Q Value: GS1.1.1704535361.1.0.1704535361.0.0.0
.verdesmares.com.br/	1970-01-21 02:14:31	Name: _clck Value: 1b01y8x%7C2%7Cfi6%7C0%7C1466
diariodonordeste.verdesmares.com.br/	1970-01-20 18:12:07	Name: _pbjs_userid_consent_data Value: 3524755945110770
.verdesmares.com.br/	1970-01-21 03:04:55	Name: _ga Value: GA1.3.16618184.1704535360
diariodonordeste.verdesmares.com.br/	1970-01-20 18:12:07	Name: clever-last-tracker-49109 Value: 1
.verdesmares.com.br/	1970-01-20 17:30:21	Name: _clsk Value: lvz0ay%7C1704535362484%7C1%7C0%7Cw.clarity.ms%2Fcollect
diariodonordeste.verdesmares.com.br/	1970-01-20 17:28:58	Name: nvggid Value: null
gml-grp.com/	1970-01-21 03:04:55	Name: CEK Value: a
.gml-grp.com/	1970-01-20 17:28:57	Name: __cf_bm Value: PpmDRvRiCUpi8H7CVXmEnk7SwFXJ81VkVdE8bUNbZ1k-1704535363-1-AcgacK68qwE3E81OEJQ5c1FEks/CZsPzCrOn17vYF8XfKCDCE3eGBwj3nix31d/S71Ryd+5009QC8KH8VcStf3g=
.gml-grp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: F3tKGKR00eAGsOQAnNRPEffjFm8aLkQ3BE9DMUYjpxw-1704535363055-0-604800000
gml-grp.com/	1970-01-20 19:38:31	Name: XYZ Value: 120&0&148&&&&0&1&&25c4f3b0-5d10-4a1c-b98f-4043cf5f6c2f&&a_1152b_2931&
gml-grp.com/	1970-01-20 19:38:31	Name: A_2931 Value: a=2931&r=0&fv=0&lv=0&vc=0&fc=20240106&lc=20240106100243&cc=1
gml-grp.com/	1970-01-20 19:38:31	Name: PM_11 Value: id=610e0eb6-c869-4c5a-b915-030da4a89a1c&c=CAABXNMSLADAADE&s=1152&ad=2931&md=0&pm=11&d=20240106100243&ip=2454091078&r=0&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&RedirectParams=btag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&cip=MTQ2LjcwLjExNy43MA==
.betano.de/	1970-01-20 18:12:07	Name: btag Value: a_1152b_2931c_CAABXNMSLADAADE
.betano.de/	1970-01-20 17:28:57	Name: __cf_bm Value: cBzAO0K15Dw2.aH29_t.8sFgD43YXNup5PrhlNZvO0w-1704535363-1-AfTXPSmuVzB66RJcywsqnvQhhSjYxj5J4yJ61QJqmFhX2zjHMUtcGTYcxAcU2mqaNRbMDhd337Yb5Jr8YButabQ=
.betano.de/	1969-12-31 23:59:59	Name: _cfuvid Value: Kiy_PhhollJrI4D9EHPiAnIyDAAk_0zyBYfO3tt2QuU-1704535363231-0-604800000
.kaizengaming.com/	1970-01-20 17:28:57	Name: __cf_bm Value: wrhbzjfSjvoj1REjwWJN8RJrvFygKxtdQ0GftZ7JoCY-1704535363-1-ASH4UJsiX+/AdaSlhvBqInfqN+qZ+Gqlj20cQaJmclcQVDgI4LLONXIDvYIfE+XiVf23Fm+1EN2MzwS25GAnMlk=
.kaizengaming.com/	1969-12-31 23:59:59	Name: _cfuvid Value: RtZUcAbAUsg1OqCHoDkTs.uTD13gWlJxL.e.5CHYq7Q-1704535363344-0-604800000
.betano.de/	1970-01-21 02:14:31	Name: cf_clearance Value: DXmzmk1xLzk9WMuJBo2qL12fiAOhKUsR4kGkie_sOkM-1704535363-0-2-ac7b4955.d037f826.fb7a16b5-0.2.1704535363
.mgid.com/	1970-01-20 17:28:57	Name: __cf_bm Value: tDezLHhadv9.S.17O0IO1lpFOtoaqqwHmPoxHmgQJuA-1704535363-1-AbL6wCC6ZqCRmKUouj9Zi0mCd0VGC3PnU/awRBXIEoQG8DKmWZmV+TE09YQX+3Wd0128bngiIUrFg5AYaiLbnXw=
.verdesmares.com.br/	1970-01-21 03:04:55	Name: _ga_3DESQCJNQ5 Value: GS1.1.1704535359.1.0.1704535363.56.0.0
.bing.com/	1970-01-21 02:50:31	Name: MUID Value: 3784A08D195C6A760118B373188E6B82
.snapchat.com/	1970-01-21 02:50:31	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIAgEsIlI0EOecVRkCoa3RcZ+D0yuvkn4JMVNkFZYDZ8lJt3DWBYWFM0fkUM/hjIAAAA=
.adform.net/	1970-01-20 18:13:33	Name: C Value: 1
.adform.net/	1970-01-20 18:55:19	Name: receive-cookie-deprecation Value: 1
.verdesmares.com.br/	1970-01-21 02:50:31	Name: __gads Value: ID=5398c14cf62875f4:T=1704535361:RT=1704535361:S=ALNI_MZC6O-XXAvfngGkme3yLnSB7UfM1w
.verdesmares.com.br/	1970-01-21 02:50:31	Name: __gpi Value: UID=00000d3a28116c80:T=1704535361:RT=1704535361:S=ALNI_MbNu2pssaXHjQfpllg6GJt30VhbxQ
.doubleclick.net/	1970-01-20 17:28:58	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 18:55:19	Name: uid Value: 9056483937026343105
.kaizengaming.com/	1970-01-21 02:14:31	Name: cf_clearance Value: v1hZOgSe.l4qQLR_sMeVBSM61U6HepNCZL1LPmg0GNw-1704535363-0-2-ac7b4955.d037f826.fb7a16b5-0.2.1704535363
.c.bing.com/	1970-01-20 17:39:00	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:50:31	Name: SRM_B Value: 3784A08D195C6A760118B373188E6B82
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:50:31	Name: MUID Value: 3784A08D195C6A760118B373188E6B82
.c.clarity.ms/	1970-01-20 17:39:00	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:28:55	Name: ANONCHK Value: 0
.goadopt.io/	1970-01-20 18:55:19	Name: VisitorId Value: 732854ff-e757-4cee-ad99-c1e43565e7ee
.verdesmares.com.br/	1970-01-20 18:55:19	Name: AdoptVisitorId Value: OwZgTAHArALAZnAtAU2FYiYGNnMQQwBMBOYxLARmRhCgDYpVcg==
.navdmp.com/	1970-01-21 03:04:55	Name: nid Value: 13ee08865be14e2cf532586ac810\|2\|36
.verdesmares.com.br/	1970-01-21 02:14:31	Name: nvg46575 Value: 13ee08865b800a0155acade58710\|2_7
.sxp.smartclip.net/	1970-01-20 18:12:07	Name: uuid Value: a02cf4c9-4725-9965-35cb-e8bb9697b768
.adnxs.com/	1970-01-20 19:38:31	Name: uuid2 Value: 248828268638086159
.sxp.smartclip.net/	1970-01-20 18:12:07	Name: psyn Value: 19728.75
.adnxs.com/	1970-01-21 03:04:55	Name: XANDR_PANID Value: w7JoC9w_mOfz7laJOugsOJlm7RSWYJ1I0qF0E_s7ms8TuDpOsgIyqlVHsTY9sOCDggv7LJhCl_gRyyfpn34TOlbR_BXU-_WXd-_i6IUGMYU.
.demdex.net/	1970-01-20 21:48:07	Name: demdex Value: 06139872236752271833559057114793391891
.krxd.net/	1970-01-20 21:48:07	Name: _kuid_ Value: QBO-B4Jl
.everesttech.net/	1970-01-21 02:14:31	Name: everest_g_v2 Value: g_surferid~ZZklRwAMeBqFOABU
.smartadserver.com/	1970-01-21 02:59:09	Name: pid Value: 8976906833763015229
.dpm.demdex.net/	1970-01-20 21:48:07	Name: dpm Value: 06139872236752271833559057114793391891
.smartadserver.com/	1970-01-21 02:15:57	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:15:57	Name: pbw Value: %24b%3d16999%3b%24o%3d11100

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
other	warning	URL: https://diariodonordeste.verdesmares.com.br/(Line 4441) Message: Unrecognized feature: 'web-share'.
security	error	URL: about:blank Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: about:blank Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: about:blank Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://cdn.taboola.com/libtrc/userx.20240104-7-RELEASE.es6.js(Line 2) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
javascript	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7' from origin 'https://diariodonordeste.verdesmares.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network	error	URL: https://promos.betano.de/willkommenspaket/Rectangle.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/bullet.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner3.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner1.png Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
other	warning	URL: https://connect.facebook.net/signals/config/234568464078651?v=2.9.139&r=stable&domain=lp.cleverwebserver.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391(Line 1) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: Refused to execute script from 'https://tags.bluekai.com/site/31435?id=85597914715&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12738953.fls.doubleclick.net
a.mgid.com
a.teads.tv
ad.sxp.smartclip.net
adservice.google.com
am-trc-events.taboola.com
api-js.datadome.co
at.teads.tv
bat.bing.com
beacon.krxd.net
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c2.taboola.com
call.cleverwebserver.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.navdmp.com
cdn.pn.vg
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
dd.betano.de
diariodonordeste.verdesmares.com.br
disclaimer-api.goadopt.io
dpm.demdex.net
ecfd3cce6a211990d3c24c85f61b6032.safeframe.googlesyndication.com
events.newsroom.bi
experiences.mrf.io
fonts.googleapis.com
fonts.gstatic.com
gml-grp.com
googleads.g.doubleclick.net
gum.criteo.com
i.pravatar.cc
i.ytimg.com
id.navegg.com
images.taboola.com
jnn-pa.googleapis.com
landingpages.kaizengaming.com
lp.cleverwebserver.com
match.adsrvr.org
nr-events.taboola.com
pagead2.googlesyndication.com
pixel.mathtag.com
play.google.com
pm-widget.taboola.com
promos.betano.de
region1.analytics.google.com
region1.google-analytics.com
s2.adform.net
sb.scorecardresearch.com
sc-static.net
scripts.cleverwebserver.com
sdk.mrf.io
secure.adnxs.com
securepubads.g.doubleclick.net
sender.cleverwebserver.com
ssbsync.smartadserver.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.navdmp.com
sync.smartadserver.com
sync2.navdmp.com
tag.goadopt.io
tag.navdmp.com
tags.bluekai.com
tags.premiumads.com.br
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
track.adform.net
trc.taboola.com
ui.cleverwebserver.com
ups.analytics.yahoo.com
usr.navdmp.com
visuals.kaizengaming.com
w.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
12738953.fls.doubleclick.net
c.amazon-adsystem.com
play.google.com
www.youtube.com
141.226.228.48
142.250.186.130
151.101.193.44
151.101.2.49
151.101.65.44
162.19.96.35
170.82.174.15
185.89.211.116
188.114.97.3
2.16.97.41
2001:4860:4802:34::36
216.58.206.34
216.58.206.38
23.96.124.156
2606:4700:10::6814:e180
2606:4700:1::6813:834c
2606:4700:20::681a:1ab
2606:4700:20::681a:1e8
2606:4700:20::ac43:4a15
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:3034::ac43:9a96
2606:4700:4400::6812:24ac
2606:4700:4400::6812:28b3
2606:4700:4400::ac40:919c
2606:4700:4400::ac40:934d
2606:4700::6810:5914
2606:4700::6810:bf3
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2006
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2016
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a02:2638:3::c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::649
3.127.187.60
3.75.62.37
34.248.85.3
35.186.194.101
35.190.43.134
37.157.3.26
37.157.6.234
5.196.111.72
52.214.3.70
52.223.40.198
54.246.204.16
65.9.90.93
65.9.95.111
65.9.95.18
65.9.95.3
65.9.97.248
68.219.88.97
91.134.110.133
95.100.81.28
95.101.148.198
95.101.149.35
004faa933546e8b32fa2563c5c180b980dde2d81247683d8d14d4ee66969f188
008e088ef45844c459202790b51cbade30cb2b6f0d0dfabefa3055a1ffc48866
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984
04ebc640f4935e53c8c532d73d2d224a7216eb54937ee02b9fbadb2bb0dbbe80
050125150d4fde5f0db366518c41e3f2226be0957f3078037bdb6785f1165b54
05c7441247d8f700e8d12fa47d6b88f7e028ef9b28bc9549e713c854ba3add81
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06bc30ec61e2b2509b4eaae78e7aae5fcb2aa922645427a7cd5342bc4508327a
06cd2f85d492d7febb1c0841bb502feaeb8dec1f45cfa981f062ea18c9493765
08d21de8318649f614c92d704bc2c227cd6593c8c209a5dbfee70d10a9af5e81
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d
09e83d24beac29930817f2b29c07b0e93e67f0f9ed156c26158e14ec376487d2
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312
0ab1755b129721840ab8f1871bb1d4a65eb146bee3bce526b07fa6b666d30ae9
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d47b75592203f10a10656d5b479be62cb32159fd15287665d1074980612bd12
0d7b688fc580923ed80bf15bd36dee883999b98d1c0f41234526f5bf57b5b336
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94
0e7de0df49c41b2bd42ee609991f15ed0eaa67f914725d6a0e05cc2b9f779c2b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e
13f016fc35d3cf152e8f989d05935bb90c6d1073c83611f04e908eef09229064
1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74
1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e
174311aeecbe9b3ac728199fefbf349859785250c49c45951b6f3b180668c4ce
17456f903fb619edc5dad6e65a5377a1d3ca032adf9629412288ef5af249cfa2
18032affb0c1305407ce00a21a9dcfe45fe754200ff745b8be08cfaebd0316d1
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f
1d169c87392cd6de1541b47e48425b6f39421f8582ff2b12cc8a11f08d2e9e8b
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1fa506cbf6bc4d331c1041a54489d78e9c9e3e79b17364444e86ac3455760775
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86
2227f27555cfdda5ca407e3706a473660e40a64d3e026a961f24197066e55aa2
232e57e26cf3fa651f180a44990cac9186e4858c0c6e626a0a1eab5a32a7955d
25886c58f1dc8342e3dbf80b0dc3bb86f6b61555897744725216eeec1a943bdb
25a4a0b8740a228213c756585d25cceb5d8dff267c7432690fde4ec8fe57989f
270014f86c9f5d70a4c39e74f1e16c3209ff44dc0737ae0aea02762bbc182be4
2726a1ad9f097224b96b3b33cd673d3b714a0fa0daf71959b47b588cba1b1983
2745f79803d24b0ab66a1d0c1c7910aea0b76e5a4adac851545c335bb80db1ff
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d6a8ad45eda12bcd8172fa4afcc406e7aef22de7f74ca01f0c6a70fabd8fe82
2dde0b31d408bd1b0551394d5cd58426cd483af5df5b3ee34cd5948cda536ae9
2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489
2e52de34ed636085ead8598c90ef5ac802d5cd018542099e4d15e6aad41c07ea
2f9dfe3bc1c7da5c87b21ccc2e81cce4e37e1cca9f085d70d8682747219e18bd
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500
3122a2ad14078e833656ac1de950aa8a449c3705d95a21d7be14e88404baa0b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3298dce752fb616bb52b8414cd17b553e485c5ffa6864aadada282f1b71511bd
329cc30fe3310b74c61d8d1d8d4ff96f4ccc01438e6fe3a18e0d7f6d1ec01afa
32a74a727a955051d7fde36d6c74917be39d040a5badf854ba9697fdcffcab51
3319df8b9c28451700b6dc398868f64e5554b3cb164d188bf6f0cac6b6e39793
33b9412580991bedd119a35b9cdeade7f98aa46f1e30cc8cf3c107b60c44aed9
3470ec5a8c42a5266093ffc43138e26da1e0c7990e6316f76e9a18a650ef3d7c
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de
36480d8320f3027e1959409b9618093a71366fafdbd8481f2fa570f30e8680a2
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a9312afd85bf05db20e843f1bd4bc8a21c10246d13b02973ae5748abb9e65fd
3b34383246d1feb438171b37cc5e2dce02114953d3a9749952980c10566321ab
3bb0e144dd92af0b94ff49afd1c39fc61489ab44828aedf469cb7d1a38815ec8
3bdaf88913be5977438818f0bceefab996176f09541ae82ffa7a4d4a047ed072
3d2162445b314f8b5187e9aab513f7f65b8a6f1ae2c911ad812a66b66e9d8975
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33
3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74
3f92e402d204f3b17da498cee03947944b6b23a3b2410c97b206f7e784087298
3feed4697823ecb36274293788d6bd53fb576ff180d1e086f222679d19dc9814
4038a2a1b34c21f1acd08f84cb08d341feafc9be8ea2c4596885c1255f3f2bbe
40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387
410ad554317ffeddb3df5c2a550c2b315881de9b01aa8f77f5d8081fef722cbf
41b4f3c1adc28a7630fdffd0fc14f9549a88989802f39105316de71aff81b2e4
41f23834d77768418c29a6e4578dc5fe673e053d0341e8d1ad2074f764bd208d
421996e40f24642bd6c4bdc006a48180e1e6fb30eeaaebba569843917bba6199
4228a95f9d422888250bb0c0805b910108a2f8b7bf16ca46b614ac8e3048dea5
437c424ae2c33178b013590e4fc99f8584edc9893d9276067ef9f9c774d68f9f
4400edf65fd8568a5cbb075ba6163f107075cb3f88ce6ce2472383d6309ff989
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b7b61d4a719998ac12bf2e12279a9175c971e617eb6544766cf8c5f0369459
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f
494ef673cae9df9d1c8e677e6c24c99241f709a9ef150373687ad20d18500881
495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d
497348e51ea27e714889eaab2cd8486a0b12ecf269ea35f3f7c35d1250b457b9
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00
4c81ce8799960f3a709e9172e9aa347f726e3f780748fb3cdd4598a358ba8ef6
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
52433f5ec5a647f3b23fd6166154a25011d0004e88bcef73c4b82bb22f8deb21
5276824bcd884e7f39035f625c3748a07c3c10748054717a4b202e5071eec07d
52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f1771460ce21136cc8f9fb9c00c1d43b755edd5197e1f55f2b0e9780c1e3c5
587086d17db8d71c28d41a899a09056553c0d7f4b700013f9fe009105eb513a8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c088c360f079039bda4967beba79b1caaf126da534ac7f7e2b6baf34acdf263
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1
5d3efeee476394f810094fda59bb87b7f49e23d95a94ea28681123e72fe23003
5d75e6b6bc5bbfa6fa2afd985daae315db41763f30c3981aae7958a3437e1988
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62abee42f8de35bf84f870156e78a63ef9ac008a94e48924de6101eb335c1856
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1
65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5
65ed0ac6db685fbaeb6f5307408b86bd15ca562e4c54ee0497cce3e9b39b61ac
67078a9c984bc9b8a542cb3d148873ee63016a866833f525abdad90182883174
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6829f3cf88e814946173de67d2ffc1b4f3250e42b502f56b02083f6ed259d94e
682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3
68d5359f369dbe89ab3504391fccf4e3dc534abebe4431d8e105833d2ad36165
6914bba20ecb857f03498d896f3429d786f29d8839f28275c5f0eaefb1fa31ba
69c5f856d15a613a74c211ca54dbaffe3ecd6b56fde61a0a73a81b7d9be49974
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
6b729ccaacf256c2286bdb492ca764d67afa3f4fe6df6e57afd42857a491271a
6cdb5d2ba192caa376934b452931cabcc68dccd29acc7edd19990cbe1ff018ee
6cf554f1498ee9e7a5c703dac7b8ed5bbc38701e6831e4c6c14ec7b0024c0bcd
6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d
73711581a64e5153e1d6dc83d5ab9c59190279073cc32274ea9f85d1dbeaf943
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76308542c656df00ba56ff7626a63a3161e8c42877ad873fa50844d25f77db50
76408789ba2c837b7bed919cbe306da5e4bf9dd80e53e661d3c0ee475b4ec745
779a231769d09869c9ff4c8127c40f64189de7b1dd3b0fa70130b3f02dc6c37a
7824eb42d6c442d4ab27c624e009fa731b268639c6571d2c8bf36b8e76a1e216
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
7a2790437cfcc940ab2219ec21668360b7dd1a2349a43329a7f5630a3751cdcd
7b4f0f875169895691e5cc0e1a554e678577967be3f7ecdace018759dd56bc7c
7c5dc068bdca60633a738e51593fef48bc532ae69fe1e020e6fa932106879cea
7deda1c39954d6f7cfd176868e6558aaaa6f941d0a118be674d30c04fb443ae9
7e193e694bd5cb3b61e7c7a0a51f37e2422326b5363ee1081cd4904893f7ceee
7e8af219d39c1874b3743a3f2ff3670b764b3733db2391be86f284575562a1e9
7f602f9a56289339e05c21b93cca562e0314d1eb293a8304ae5ce18803470992
80a95fa030fd1df8c270f9c36ffa2c8e0f359ac337e57184d2923c5926d9ce2d
821bfc399058e99db9234bdce657ebc374744408325a35c730cda1af4b247145
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625
848af624fb49d62c7f41b4c61478b6d671a1422b363000ecddf1d26d6d830c2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
85d47174e25b459f63b552a828429a8fdfc0c0f92c9506098ca5e3685b9d7ed0
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3
8838a8c81d4c2821dbe6c5ae1dbe43247e1080d8161171c948719e5a60d6dd24
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df4928a6d83ecb898c23be4498546932ca8866f2f6d5d4507d708d996432427
8f428971557af529ec0843e025e70f8e642859b4fed2f2cf0134f16f97bf6910
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335
907e1ac58009554a727e701840e9696681909c0e172a56b9fc374c60694d1eb1
913e8863b4a9fdd1dc408e358b7fa24cf3ce14d5b08eb9f0f91728a08440f0de
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
944bd35271d7242c6a221a4ed3820216677357b9f9189a329de05fb0462df330
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
951a648e9dceecbd26a6761c1a6d4974312dcd347626a2ba86ea3acf2b2a4790
957b54331affe2dc8fdc71f7638304da5e4152973d21c7c35d9f59d1252cd8f0
964565e96eba3653f3f34e6cab49ebb69a7e628e6f376d0b3995048e60d4c264
96b4d29d3627f922eb4b4ab1e0eca97a6901c4ddbd60cb07bae3da92a7b51361
96ed1c4aeb972781afffa579ba11531a5dbf0c8879c2a66b1212d245f9dd0f17
973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc
987c8ef99ecc722fe3927bac67f2eae84ddd47944191fd354de09dc73a677c71
98a8ca3023f8c8ff492beb3a86a9a47027cd2aa7f930649f134eeb4575f4df20
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97
9a4e39d50f327270714dcd7f18f54b57a03fc26189befc99da628449c5355017
9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47
9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f
9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a04cd7a62992df85368e1b445cdd555b394779dd4242e14877cfba103d0bcff0
a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18
a1305f35e96334c2735a13c26771db6e89d5ba273af5d4ebdbfbf517d52b6a33
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733
a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7
a6c012f52a79847e00cc1e8f8538fbd3a2237d06c78d56351a4fd844ee296279
a70e7a903299bf3d89b7f42191b7fae39f9955a27fa0dd025d45c63356798ef8
a9fcb7f7194e241e1c52bfdf85a240636f34e86dc4d7509b1df258d16560c71f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125
abbd6d5f068aae28bebddc2ff1ac767a61094c668f3472fb4a82104889b00938
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5
adb50f96bb5a48e2ef0fb797794458292ac375857dbb50238b51e354dd3c1760
ae06ac305b7c30a4cd180b0442bd40b2fba46aee15c5b6332ddf2c1df5a24398
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1232b17e276a55e8f4efda3d6864e140577984130e0d805b5aaff21316dfb2
af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad
af6d94040de81bc27c76495dc92561955e86639b6ed7923c1ea4b08b9f235892
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49
b0d0b7e5101a1b8a54268b9188da520d19d74df9b35714a8ddb5987fad990591
b140845d397dfaea19e05f7175ada4318dab24e78bd4fe254d2230dc25f1122b
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b34bae971348ff69541a08b66598c078cf3cd023e8b45762654ea24cffd7445c
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5ec2a4d1861890e777618cb339db16300cba327389383ea485ae69ec748b619
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b77fdea591c9b7a26a805e79838f20f907439c54073dd9644bd49f2bfa2c41c5
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6
b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e
b9ce37ce650098f2c3b2f89416a469725a5578d5f050b6bce20b783e1902799f
b9fd0e8576ea84ddc87bdb42eaeba3b53e1fc468bc6e3be6eaf07561846010db
ba350076982da903525929c44d964c6f10c0beb24e9e5cbe32b4b338c3b9847e
bb04c699207c71f62595ca1cdbafe6886e08a16ee1da9dc09f9e3a23c1ff63ef
bb315d9a8c1f731ea65ab658b55dbc2b6f004a6bf8b86243896a29e785ed423a
bb4e3e58eddeee41095d85f963a15fadbfe38517d06b418710059637840c9f6a
bc2e951c1449fad28c637cef5c91e60eff22787a072d640d346e4d895cf95cb4
bd0c73fc87b4a6543216ba56b87ac212d69190f5e104007b686c0eb72273b86f
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d
bf1980085377beac89f8a89b943bab7c024dae739a3c2c1f7e8238f4a23d4c79
bfc7f1b569a5d66dd642c72684d0183026d68baf513cfe2ee2418f4c78ba8547
c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf
c15e737b309c3f2f47dd3e3f9b0fcc0dd99c22a608323b7fcd41d4c9fca4bbff
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75
c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c43156da1e25f4488d1dc2ea27d1b39cdb43ba8a2042176fb4795369b2e010a9
c4fd5da88e6a307d3c80675b203e95f9d92bd3d1772f4a341acc6d57605f7e82
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
c5a82cf176460d8f3e38314e8d67b127af58cd452ec8c399c5c562a7639242fe
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048
c76ba09e7acd19638c6930e9da6d05d7b5d057cd367c1c39bd60377f7741c2a6
c7add74cb2fd22974fbf7676913f045af43dc852adff61022172deb587b3e539
c8ddc9b65b0d9832fa743c27a589bc7f5dc0544ad1227397ba5211dc088f091d
c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208
cad9bc6527b72257d887e2f6cb68247261691695c0b8f1f03157f9a693c2ffa3
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cbf10b6e772fffeafd4d21eff50263dcb73c1478f7befa02c0f594c6e90990f5
cc39dce33b537a2de2ec395aac9062ac88ced3a39a13d038b9410b80bd7990db
cc44c76e8cb0dc7a59dc85c1ddfd177dc89b62dfa4dbab00f5090035822fdab9
ccae3634b916cd27bad22898ced70740673436254149c8926442c529fe3970c2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1f2b7cb3a442cec867c8c7668f58760fcfaba0788853123e3eb412d6d0c013
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994
d2230c7695f96fbffa2a8e1711c582e3dcb6e136bac033dc98704b82164302b7
d3049590b860367cf285608039355cff6a58d1c9cbd2e75c24ee80a02fffb88f
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
d3a0c4973b9936ef16e16e158976bb69a034574dd2fea780fe8b295040a2f683
d461b8b1f577c1f462b16c4bf43cd457bddb68fa6bfe91c982851d4d88c350ff
d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6
d528b8fe3050031ad22112d3ce7eec33b2cbe44a7ccece08c6c511741c652f46
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d88ed7f285ad93601c7c1a42a3089295e46a73ad65affe1f34f000924621376b
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101
d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89
de0ac645206f74dd9197dad7e0d7c30eb5b59a7183108b197b22c3277a1d5d26
de2780a7bde3db593adb04011d410b9974b2dbbb78da1a763a199b2bd9b23370
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dffa82fae402fa358344642ea93e4401ff99760fa93eaa676ae31fb6b703e2f3
e01dc524a8d1c1c98410a3757c120f35d71f067519f1fe6329d5b2e9b1008d1f
e0cf50d044cad2c23d11f7fa39888aedfccfa55f337df706b54b2cca7cb736e8
e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3
e3aa0424e9261f4956e4a3b28f57bcc89c55622eb4f235ccf27e67a6bf0122ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e9b386c1dcf70187f79d9a110f727a4d0e032d97c3857b77554d165100a18cb6
ea92e1dfe7b0bad34df752ab0a7d7c65896679b908e3b95e81fc88a52bd49fa8
ebb588f9a7cda5153f6b4b89358fcc21afd8775a8225d00f961d4f8f821ac7c1
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05
ed779556ae5add346be6777fa0b699e26338ed43431d6e0d7afbaeaa8d14096d
ee01d4ddd228dc70bb9971c3e8789373fd41464cc4129450e88c3e2790b0546d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8e021a7ccde8cf82e82b98d524c7288c59923fade810ad612d3cc1101ceeb3
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5
f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426
f32b140b03828c62df3172e04064f5224d1903f6b45ef970e71e87d345b485c7
f3cd5c20a3884bd7cda8eb950adeba86736e8cbf6ae2fa7f84ece1ced383445c
f494f275bce4fd4dee8ab566084a9c551759aeea03d29469be6fc5747183d4bb
f4a07b91490d7ec326d987e1c5541ef4a936f78031cbf09e9db7a68d11826226
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f503828aae308bbda421228d89fff3f9f7f4580f27faaf02c774ce73f9e066f3
f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf
f6c4435eabd0c88ed7622215dceffe1cae1feedc6f4be9c69e1959a342ed159c
f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05
f7d41a2b36e119d29bbfe8d98af59e5fa123cb773f1fc5689af4d91de2a2fd9a
f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885
f926d2eaa1938821474fb891a5c5620ff7b1608c91fa248ba1b0a3488891ea1b
fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef
fd54e5186bae10eab52d03175ff68d7e63834ff6f4317f79039d11aa05243868
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba
fde56c6c9596482bc9267cc3cabc1ce6f637825cc794ca30222ace00fd279bb7
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c
ff635879b1ef1bc44bf6dc1d05a7f1af338b8b1ab3287500489186fd1b54a0a6

diariodonordeste.verdesmares.com.br Open in urlscan Pro 170.82.174.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

514 Requests

93 %HTTPS

55 %IPv6

54 Domains

94 Subdomains

67 IPs

8 Countries

14514 kBTransfer

36772 kBSize

74 Cookies

24 Outgoing links

Page URL History

Redirected requests

514 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

diariodonordeste.verdesmares.com.br Open in urlscan Pro
170.82.174.15 Public Scan

Screenshot
Live screenshot

Full Image

514
Requests

93 %
HTTPS

55 %
IPv6

54
Domains

94
Subdomains

67
IPs

8
Countries

14514 kB
Transfer

36772 kB
Size

74
Cookies

514 HTTP transactions
13 data transactions