www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:211a:a200:6:45ad:3580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazetadopovo.com.br.us3.cas.ms/
Effective URL:
https://www.gazetadopovo.com.br/
Submission Tags: krdprod
Submission: On May 16 via api (May 16th 2021, 9:49:53 pm UTC) from JP

Summary HTTP 546 Redirects Links 83 Behaviour Indicators

Summary

This website contacted 88 IPs in 9 countries across 59 domains to perform 546 HTTP transactions. The main IP is 2600:9000:211a:a200:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.

This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	40.81.121.140 40.81.121.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2600:9000:211... 2600:9000:211a:a200:6:45ad:3580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
87	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
36	2600:9000:215... 2600:9000:2156:3a00:1f:3000:7b80:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:8e00:1b:3b3:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:21f... 2600:9000:21f3:2800:12:af17:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	178.63.12.208 178.63.12.208	24940 (HETZNER-AS) (HETZNER-AS)
1	52.217.82.8 52.217.82.8	16509 (AMAZON-02) (AMAZON-02)
1	143.204.209.3 143.204.209.3	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 8	99.86.242.124 99.86.242.124	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.214.70 143.204.214.70	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	52.216.18.51 52.216.18.51	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	13.32.6.61 13.32.6.61	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1 7	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	143.204.209.76 143.204.209.76	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2600:9000:20e... 2600:9000:20eb:bc00:16:bc5f:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.209.47 143.204.209.47	16509 (AMAZON-02) (AMAZON-02)
8	143.204.209.103 143.204.209.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b6b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:20e... 2600:9000:20eb:6e00:4:5c96:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:e800:13:9bf5:7100:93a1	16509 (AMAZON-02) (AMAZON-02)
60	2600:9000:21f... 2600:9000:21f3:c000:8:7f48:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:7600:1d:7626:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6811:4edd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.94.253.231 54.94.253.231	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:1400:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	7162 (Universo ...) (Universo Online S.A.)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
7 17	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5 7	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
28	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
2	200.147.166.107 200.147.166.107	7162 (Universo ...) (Universo Online S.A.)
1 2	34.243.68.123 34.243.68.123	16509 (AMAZON-02) (AMAZON-02)
3	54.76.195.29 54.76.195.29	16509 (AMAZON-02) (AMAZON-02)
3	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	213.155.156.183 213.155.156.183	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.255.31.14 34.255.31.14	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	52.21.116.104 52.21.116.104	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
6	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
8	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:5c::a	15169 (GOOGLE) (GOOGLE)
546	88

1 40.81.121.140 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gazetadopovo.com.br.us3.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:211a:a200:6:45ad:3580:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:415 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2600:9000:2156:3a00:1f:3000:7b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:8e00:1b:3b3:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

multimidia.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:2800:12:af17:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.12.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de716.cxense.com

scomcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.82.8 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

gdp-prd-data.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-3.fra53.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.242.124 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-242-124.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-70.fra53.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.18.51 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.6.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-61.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-76.fra53.r.cloudfront.net

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:bc00:16:bc5f:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

infograficos.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-47.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.209.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-103.fra53.r.cloudfront.net

events-api.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:6e00:4:5c96:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

comments.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:e800:13:9bf5:7100:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.semprefamilia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2600:9000:21f3:c000:8:7f48:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

json.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:7600:1d:7626:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.umdoisesportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:4edd (United States)

ASN13335 (CLOUDFLARENET, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.94.253.231 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-253-231.sa-east-1.compute.amazonaws.com

apps.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:1400:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2804:49c:3403:2676:ffff:ffff:ffff:6 (Brazil)

ASN7162 (Universo Online S.A., BR)

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.13 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.147.166.107 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: static.dynad.net

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.68.123 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-68-123.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.49 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.31.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-31-14.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.116.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-116-104.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:5c::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6ns7.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
134	gazetadopovo.com.br www.gazetadopovo.com.br media.gazetadopovo.com.br multimidia.gazetadopovo.com.br assets.gazetadopovo.com.br infograficos.gazetadopovo.com.br events-api.gazetadopovo.com.br comments.gazetadopovo.com.br json.gazetadopovo.com.br apps.gazetadopovo.com.br Failed	3 MB
87	google-analytics.com www.google-analytics.com	78 KB
68	googlesyndication.com pagead2.googlesyndication.com 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com tpc.googlesyndication.com	306 KB
53	doubleclick.net 7 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net	276 KB
28	2mdn.net s0.2mdn.net	348 KB
25	google.com 1 redirects www.google.com news.google.com play.google.com adservice.google.com	68 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	272 KB
11	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com api-v3.tinypass.com	286 KB
10	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	97 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
8	scorecardresearch.com 3 redirects sb.scorecardresearch.com	8 KB
7	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	93 KB
7	adnxs.com 5 redirects ib.adnxs.com	7 KB
6	googletagservices.com www.googletagservices.com	154 KB
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	2 KB
6	semprefamilia.com.br www.semprefamilia.com.br	79 KB
6	google.de www.google.de	866 B
5	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	95 KB
5	dynad.net t.dynad.net s.dynad.net	53 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	334 KB
4	gvt1.com 2 redirects redirector.gvt1.com r5---sn-4g5e6ns7.gvt1.com	1 MB
4	uol.com.br tm.uol.com.br tracker.bt.uol.com.br	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	amazonaws.com gdp-prd-data.s3.us-east-1.amazonaws.com s3.amazonaws.com 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	351 KB
3	facebook.com www.facebook.com	640 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	openx.net 2 redirects rtb.openx.net	763 B
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	umdoisesportes.com.br www.umdoisesportes.com.br	1 KB
2	facebook.net connect.facebook.net	97 KB
2	cxense.com scdn.cxense.com scomcluster.cxense.com	28 KB
2	privacytools.com.br cdn.privacytools.com.br	22 KB
1	createjs.com code.createjs.com	63 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	459 B
1	de17a.com d5p.de17a.com	134 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	536 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	smaato.net 1 redirects s.ad.smaato.net	429 B
1	blismedia.com tr.blismedia.com	135 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	adsrvr.org match.adsrvr.org	265 B
1	simpli.fi 1 redirects um.simpli.fi	712 B
1	google.fr adservice.google.fr	799 B
1	twitter.com analytics.twitter.com	660 B
1	t.co t.co	449 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	413 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	navdmp.com tag.navdmp.com	3 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	jquery.com code.jquery.com	30 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	cas.ms www.gazetadopovo.com.br.us3.cas.ms	841 B
0	netmng.com Failed google2waycm.netmng.com Failed
0	wbtrk.net Failed um.wbtrk.net Failed
0	Failed function sub() { [native code] }. Failed
546	59

	Domain	Requested by
87	www.google-analytics.com	www.gazetadopovo.com.br www.google-analytics.com me.jsuol.com.br
60	json.gazetadopovo.com.br	www.gazetadopovo.com.br
36	media.gazetadopovo.com.br	www.gazetadopovo.com.br buy.tinypass.com
35	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com googleads.g.doubleclick.net www.gazetadopovo.com.br.us3.cas.ms
28	s0.2mdn.net	www.gazetadopovo.com.br.us3.cas.ms s0.2mdn.net 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com imasdk.googleapis.com
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net srcdoc www.googletagservices.com
19	www.gazetadopovo.com.br	www.gazetadopovo.com.br
17	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net www.gazetadopovo.com.br.us3.cas.ms
9	tm.jsuol.com.br	www.gazetadopovo.com.br tm.jsuol.com.br www.gazetadopovo.com.br.us3.cas.ms tm.uol.com.br
9	www.google.com	1 redirects www.gazetadopovo.com.br 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
8	csi.gstatic.com	imasdk.googleapis.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	events-api.gazetadopovo.com.br	www.gazetadopovo.com.br gdp-prd-data.s3.us-east-1.amazonaws.com
8	googleads.g.doubleclick.net	www.googleadservices.com 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com www.gazetadopovo.com.br.us3.cas.ms
8	sb.scorecardresearch.com	3 redirects www.gazetadopovo.com.br.us3.cas.ms www.gazetadopovo.com.br
8	fonts.gstatic.com	fonts.googleapis.com news.google.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com	securepubads.g.doubleclick.net 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
7	play.google.com	www.gstatic.com
7	news.google.com	www.gazetadopovo.com.br news.google.com www.gstatic.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	www.googletagservices.com	securepubads.g.doubleclick.net 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com www.googletagservices.com
6	www.semprefamilia.com.br	www.gazetadopovo.com.br
6	www.gstatic.com	news.google.com www.gstatic.com
6	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
6	www.google.de	www.gazetadopovo.com.br
6	assets.gazetadopovo.com.br	www.gazetadopovo.com.br
5	stats.g.doubleclick.net	www.google-analytics.com
4	googleads4.g.doubleclick.net	www.gazetadopovo.com.br.us3.cas.ms
3	static.adsafeprotected.com	pixel.adsafeprotected.com 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	t.dynad.net	www.gazetadopovo.com.br.us3.cas.ms
3	tm.uol.com.br	tm.jsuol.com.br www.gazetadopovo.com.br.us3.cas.ms
3	www.facebook.com	www.gazetadopovo.com.br connect.facebook.net
3	experience.tinypass.com	www.gazetadopovo.com.br cdn.tinypass.com
3	mcasproxy.azureedge.net	www.gazetadopovo.com.br.us3.cas.ms mcasproxy.azureedge.net
2	r5---sn-4g5e6ns7.gvt1.com
2	redirector.gvt1.com	2 redirects
2	dt.adsafeprotected.com	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	beacon.krxd.net	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com cdn.krxd.net
2	rtb.openx.net	2 redirects
2	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
2	pixel.adsafeprotected.com	1 redirects 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
2	s.dynad.net	t.dynad.net
2	ap.lijit.com	2 redirects
2	ad.doubleclick.net	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com www.googletagservices.com
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	b.t.tailtarget.com	tm.jsuol.com.br
2	www.umdoisesportes.com.br	www.gazetadopovo.com.br
2	comments.gazetadopovo.com.br	www.gazetadopovo.com.br
2	3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	gdp-prd-data.s3.us-east-1.amazonaws.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	www.gazetadopovo.com.br.us3.cas.ms connect.facebook.net
2	cdn.privacytools.com.br	www.gazetadopovo.com.br
2	fonts.googleapis.com	www.gazetadopovo.com.br buy.tinypass.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	consumer.krxd.net	cdn.krxd.net
1	code.createjs.com	s0.2mdn.net
1	ssbsync.smartadserver.com	1 redirects
1	d5p.de17a.com	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
1	r.turn.com	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
1	match.adsrvr.org	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	t.tailtarget.com
1	adservice.google.fr	securepubads.g.doubleclick.net
1	tracker.bt.uol.com.br	www.gazetadopovo.com.br.us3.cas.ms
1	me.jsuol.com.br	tm.jsuol.com.br
1	apps.gazetadopovo.com.br	www.gazetadopovo.com.br code.jquery.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	vars.hotjar.com	static.hotjar.com
1	infograficos.gazetadopovo.com.br	code.jquery.com
1	analytics.twitter.com	static.ads-twitter.com
1	cdn.tinypass.com	experience.tinypass.com
1	t.co	www.gazetadopovo.com.br
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.gazetadopovo.com.br
1	www.linkedin.com	1 redirects
1	s3.amazonaws.com	code.jquery.com
1	static.ads-twitter.com	www.gazetadopovo.com.br.us3.cas.ms
1	d335luupugsy2.cloudfront.net	www.gazetadopovo.com.br.us3.cas.ms
1	snap.licdn.com	www.gazetadopovo.com.br.us3.cas.ms
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	gdp-prd-data.s3.us-east-1.amazonaws.com	www.gazetadopovo.com.br
1	scomcluster.cxense.com	www.gazetadopovo.com.br
1	multimidia.gazetadopovo.com.br	www.gazetadopovo.com.br
1	tag.navdmp.com	www.gazetadopovo.com.br
1	www.googletagmanager.com	www.gazetadopovo.com.br
1	scdn.cxense.com	www.gazetadopovo.com.br
1	code.jquery.com	www.gazetadopovo.com.br
1	cdn.onesignal.com	www.gazetadopovo.com.br
1	www.gazetadopovo.com.br.us3.cas.ms
0	google2waycm.netmng.com Failed	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
0	um.wbtrk.net Failed	9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
0	json.gazetadopovo.com.brhttps Failed	www.gazetadopovo.com.br
546	103

This site contains links to these domains. Also see Links.

Domain
assinaturas.gazetadopovo.com.br
conta.gazetadopovo.com.br
clube.gazetadopovo.com.br
especiais.gazetadopovo.com.br
www.semprefamilia.com.br
www.umdoisesportes.com.br
pt-br.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
gazetadopovojornais.com.br
www.grpcom.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 02	`2021-05-12` - `2022-05-07`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.gazetadopovo.com.br Amazon	`2020-12-23` - `2022-01-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
semprefamilia.com.br Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
jsuol.com.br Cloudflare Inc ECC CA-3	`2021-04-28` - `2022-04-27`	a year	crt.sh
*.umdoisesportes.com.br Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
*.jsuol.com.br RapidSSL RSA CA 2018	`2020-06-05` - `2022-08-04`	2 years	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-04` - `2021-07-13`	2 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.gazetadopovo.com.br/
Frame ID: E87335F064B7707CFB9365680FAF21A4
Requests: 331 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Frame ID: B31730CF508F144071A3460C81630956
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450333
Frame ID: 44CC89FA37E92C4CC493EC7461DDC8C3
Requests: 14 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: F57FB1DE0BFD06ECC646C9CEAF2DDA5B
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Frame ID: F0C2D22DBED5F1EA81BFEF6518D87601
Requests: 10 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 24EAD092620B4D2A5B578BD95304A1CA
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 67B890B21B814B9AA745AD6340790C3E
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: 0D651590D83BBC9A6B2590922A56B10B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FAB4D0D5A6791CB03C7D424A669E4BAA
Requests: 2 HTTP requests in this frame

Frame: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E58B590AA5EDAC16F93E89EAE2F21502
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiU4-SmATAB&v=APEucNUz6SqQYsnDW5Lc7-Wc7jcFgfs3WN702eoW5GJVwakf_SGkzCcgn5uAKFT-hv112C0FWcBjtAn2Swx0vGEALddJT2zbcsW2IdTuR8qtn-A_Id5_KXkJPsWB4Q09ypabHBdVzSB0a8UYtZIlRH9xryPna-JKgCq-sEhR-BkzExgeHWlklIva-5uZXKKauEjwPLD7mUhuX_W3wS0UWnNDjq6uSWNBDw
Frame ID: 6B44C4072571E5BCA69F140D01FCA01E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91A63F6A3101F0888BFD2AF33F3E9FDB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED1F913B6EEEF14CEF48AFBB35C764BF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 784061AE004D59327504B291F500B493
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
Frame ID: BE05C6DBBB1BD9AA85D0F9395337FFA5
Requests: 20 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: 28D41E23E1BD11ABA24D391510908ED1
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: D8AB70476E771B9D268D6287C94CA471
Requests: 14 HTTP requests in this frame

Frame: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FE590AEFD972AEFCAD41C56639259C4
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7YnZAhiDjounATAB&v=APEucNVlDE1R_4slnR4jl8iOO14TvfLDugAJA6agEryeNqw_WiI3svLpTJsh-rtfxMHLESksxipQGczzyesGoVBxYuRbNNrDVM11dbbywXeIlL73cTV1Kw2-HgMaJNOYgl7Ls66M2Gcn-zCOKJ_bFyPc3RmFE5ls-7O_Dyg4XEFdq6gVR0wsFeH5sGYv8qExXYCRBb2qC2jmS54kwbZUlXkbs9NYf4fEbw
Frame ID: 5D6360DC0098313EA9082D59FDB5E2BD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ECC18D10840A52A335EB3FA3408BF244
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32C5B6C1F2EEA60E4D870E52E20DD907
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0FF5F7D793D8F0A6FF379D9395FF71EA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8573542/1619711236227/728x90.html
Frame ID: 37B41207CD9626EA3571F797E071EE9E
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 22262B455D75FCC1F360B3D76A2D1948
Requests: 1 HTTP requests in this frame

Frame: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6C405DF1A598F7F1C88A999DD332099
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html
Frame ID: A26A78C6608243BA9F82590D55E87535
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F6FF4E2FCB28D60B541489B45447B761
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Frame ID: 07E77D88A636C20A1DC42F80324D8859
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 930838DE72B9A6D2EFA9C481F1EAD3BE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.gazetadopovo.com.br.us3.cas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tag\.navdmp\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

546
Requests

98 %
HTTPS

57 %
IPv6

59
Domains

103
Subdomains

88
IPs

9
Countries

7354 kB
Transfer

17034 kB
Size

17
Cookies

83 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta-mobile
Title: Assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta
Title: assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/login?referrer=https://www.gazetadopovo.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar/
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/
Title: Clube Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/painel-das-privatizacoes/?ref=explore
Title: Privatizações

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/reforma-tributaria/?ref=explore
Title: Reforma tributária

Search URL Search Domain Scan URL

URL: http://especiais.gazetadopovo.com.br/por-dentro-do-vale/?ref=explore
Title: Startups

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/?ref=explore
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/?ref=explore
Title: Saúde

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/?ref=explore
Title: Virtudes e Valores

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/educacao-dos-filhos/?ref=explore
Title: Educação dos filhos

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/previsao-do-tempo/?ref=explore
Title: Previsão do Tempo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/filmes/?ref=explore
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/?ref=explore
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/?ref=explore
Title: Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/?ref=explore
Title: Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/?ref=explore
Title: Paraná Clube

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/cartoleiros/?ref=explore
Title: Cartoleiros

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/?ref=explore
Title: Mauro Cezar Pereira

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/?ref=explore
Title: Augusto Mafuz

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/?ref=explore
Title: Carneiro Neto

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/?ref=explore
Title: André Barcinski

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-pugliesi/?ref=explore
Title: André Pugliesi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/jones-rossi/?ref=explore
Title: Jones Rossi

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020/?ref=explore
Title: Brasileirão Série A

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020-serie-b/?ref=explore
Title: Brasileirão Série B

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-libertadores-2020/?ref=explore
Title: Libertadores

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/premium/?ref=explore
Title: Conheça o Premium

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/presidios-privados-no-brasil/?ref=explore
Title: Presídios Privados

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/?ref=explore
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/pesquisas-de-aprovacao/?ref=explore
Title: Pesquisas de aprovação

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/?ref=explore
Title: 100 Anos da Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/loterias/?ref=explore
Title: Loterias

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/?ref=explore
Title: Todos os especiais

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/dentro-da-lei/?ref=explore
Title: Dentro da Lei

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes-editoriais-gazeta-povo-resumo/?ref=explore
Title: Em Resumo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes/?ref=explore
Title: Em Vídeo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/noticias/?ref=explore
Title: Notícias do Clube

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/parceiros/?ref=explore
Title: Descontos do Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/cartao-virtual/?ref=explore
Title: Aplicativo Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro?ref=explore
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/minha-assinatura?ref=explore
Title: Minha Assinatura

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/?ref=explore
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://twitter.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gazeta-do-povo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY
Title:

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#lavajato
Title: LINHA DO TEMPOOs números, os desvios éticos e de conduta que querem apagar da sua memória

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY#podcasts
Title: PODCASTA história da operação Lava Jato, seus principais trunfos e a campanha de desconstrução em áudio

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#kit
Title: KIT ANTICORRUPÇÃOReceba nossa newsletter e ganhe figurinhas de WhatsApp para compartilhamento

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-vozes-na-gazeta
Title: Leia mais. Assine agora!

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/numeros/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/parana/?utm_source=gazeta-do-povo&utm_medium=componente-home2&utm_campaign=coronavirus
Title: Veja a média móvel atualizada

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/morinigo-eliminacao-coritiba/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/morinigo-eliminacao-coritiba/#comentarios

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/coritiba-eliminado-paranaense-desastre/
Title: Coritiba foi um desastre. Está fora e machuca o seu torcedor

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/follador-e-o-perigoso-costume-da-derrota-no-coritiba/
Title: Follador e o perigoso costume da derrota no Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/lazaroni-admite-oscilacao-no-estadual-e-projeta-mata-mata-equilibrio-e-estrategia/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/lazaroni-admite-oscilacao-no-estadual-e-projeta-mata-mata-equilibrio-e-estrategia/#comentarios
Title: 8

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/parana-clube-athletico-jogo-quarta-feira-maurilio/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/parana-clube-athletico-jogo-quarta-feira-maurilio/#comentarios
Title: 9

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/parana-coritiba-provocacao-paranaense/
Title: No Twitter, Paraná provoca o Coritiba por desclassificação no Paranaense

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/campeonatos/paranaense/fpf-muda-data-de-jogo-de-volta-de-athletico-e-parana-na-arena/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/campeonatos/paranaense/fpf-muda-data-de-jogo-de-volta-de-athletico-e-parana-na-arena/#comentarios
Title: 2

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/uma-infancia-cercada-de-carinho-e-a-chave-para-um-casamento-duradouro/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade/
Title: Não é só o açúcar! Conheça mais alimentos que aumentam a ansiedade

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/por-que-assinar/
Title: Conheça a Gazeta

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-rodape-gazeta
Title: Assine

Search URL Search Domain Scan URL

URL: http://gazetadopovojornais.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: http://www.grpcom.com.br/junte-se-a-nos/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: http://www.umdoisesportes.com.br/
Title: UmDois Esportes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazetadopovo.com.br.us3.cas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621201777848%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJHD2CXyS4wRwAAAXl3J_bHDSwSZjo06oasyhCH4NzYGOO8EjB_KSj2CgzrCgv1JGfJHbrB

Request Chain 62

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621201777915&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621201777915&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F

Request Chain 271

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1

Request Chain 292

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKGTddIlRRlIdXgEuvvyngAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAxs4Ix_ZHtIC--v8OLvPaQ&google_cver=1

Request Chain 294

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxMjg4NzM1NzI0NDU4NDAwNQ%3D%3D

Request Chain 306

https://um.simpli.fi/gp_match?google_gid=CAESEJ8OSZZgMWN-Cl3LTlf8AG4&google_cver=1&google_push=AQvitUKHKhSWLOHLbaZYQnX1_JVTjQxmipg7LPT6-JfhDSsPNdPQfc0bfr5tJ_N3ROHBrmEpdGVuf_xXDY5_-HTCB3IAjMRGTJbK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A66B51EAF2FA46FBB8BEF47461E25688&google_push=AQvitUKHKhSWLOHLbaZYQnX1_JVTjQxmipg7LPT6-JfhDSsPNdPQfc0bfr5tJ_N3ROHBrmEpdGVuf_xXDY5_-HTCB3IAjMRGTJbK

Request Chain 311

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECetwBzPZhOFGKFzAs7AjRI&google_cver=1&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHTqHC7jHw-BaK HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECetwBzPZhOFGKFzAs7AjRI&google_cver=1&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHTqHC7jHw-BaK&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHTqHC7jHw-BaK&google_hm=e08cbb448bbe42f0b7252a4e

Request Chain 312

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBs55RLOvu8sgV4OS9blwJQ&google_cver=1&google_push=AQvitULmZpxcCNdYd6UuzzmCii_KyVuK7nd6K8muRmpT_sCe11s3_2JtUDcaOLHBD94IKEbst0XVwa7FGHX-EKHdmnxis8Ma3u8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULmZpxcCNdYd6UuzzmCii_KyVuK7nd6K8muRmpT_sCe11s3_2JtUDcaOLHBD94IKEbst0XVwa7FGHX-EKHdmnxis8Ma3u8

Request Chain 355

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1

Request Chain 356

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKGTddIp8qTd74l50AQV7AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1

Request Chain 357

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJfsagg45FFTZNrpdt9yTd8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJfsagg45FFTZNrpdt9yTd8%26google_cver%3D1

Request Chain 358

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MDIyNDA4OTcwNDQ4MTMx

Request Chain 456

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOvN75PKOG8vQqByvlWnYho&google_cver=1&google_push=AQvitUKqn2c5UkZB5zXjXhWcyAeU9aVpytrdeAQguegXJ2F7wA7JNrbvZg15w_6Zl9NsNBjN0rSH_O0Sp2eZL2RIaFjSo8GwWbAy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4ODgxNTgyNDAzNDI0OTk3Ng== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBrFwVVrsuk2tvgLRjmT9r0&google_cver=1

Request Chain 458

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKcXbY_bhBVOPkqUQoiKg8E&google_cver=1&google_push=AQvitULGihfDN4l46rETJ89NYrKxa6EtCo1QxVIVxkGPFB4uiiqrbh6ZloDJYojp2w3g-CkIsQ-Q7T9eBfGgRV7JUkBqPdkeWafe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcXbY_bhBVOPkqUQoiKg8E&google_push=AQvitULGihfDN4l46rETJ89NYrKxa6EtCo1QxVIVxkGPFB4uiiqrbh6ZloDJYojp2w3g-CkIsQ-Q7T9eBfGgRV7JUkBqPdkeWafe

Request Chain 460

https://rtb.openx.net/sync/dds?google_gid=CAESECjGyppq4gmyj9bGsYY-Atg&google_cver=1&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECjGyppq4gmyj9bGsYY-Atg&google_cver=1&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb&google_hm=7wbiRRH5yhIT-5A0vgs7FQ==

Request Chain 461

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG2XjgT_Koq1di-UuPN4PyM&google_cver=1&google_push=AQvitUIEHsoPL53CPy5LySz94gazbhgpahuB0b9u7iryT8jwuMxifEATgzJUJzXV-7Af7uRCZc0kmk-EDewCBvwsVY4yvm5527VggA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIEHsoPL53CPy5LySz94gazbhgpahuB0b9u7iryT8jwuMxifEATgzJUJzXV-7Af7uRCZc0kmk-EDewCBvwsVY4yvm5527VggA&google_hm=MzY3MDM3OTExMTc1MjYxMzE4Mw%3D%3D

Request Chain 471

https://pixel.adsafeprotected.com/rfw/st/706877/54379466/skeleton.js?adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e32cd4bc-89d9-e6ce-7eb4-3dad6a76cc4c,c:cOVMEC,sl:na,em:true,fr:false,mn:app22ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:grpm1,nbld:0,fm:sxC5sDf+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a%7C1b*.706877-54379466%7C1b1%7C1b2%7C1b3%7C1b41%7C1b5,idMap:1b*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,thd:1,et:229,oid:9eae496f-b690-11eb-ba3f-06da572054ee,v:19.8.198,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 512

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 526

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/B331F0A02E3F2B419E2BC9ECD4C1C38B71BD3A87.0CD489E3D07AB5B6518F4E0205DA20E29F3C6A/key/ck2/file/file.webm?range=0-999999 HTTP 302
https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/47E19232FAFB5C52885B7A06B2928DA6EF074345.0F9E56EEEA378F0DE78A58E93BBBA81C9D4AD5F8/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:121:131a::2/mm/28/mn/sn-4g5e6ns7/ms/nvh/mt/1621201221/mv/m/mvi/5/pl/48?range=0-999999&file=file.webm

Request Chain 527

https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621201783486&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621201783486 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621201783486&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621201783486

Request Chain 548

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/B331F0A02E3F2B419E2BC9ECD4C1C38B71BD3A87.0CD489E3D07AB5B6518F4E0205DA20E29F3C6A/key/ck2/file/file.webm?range=1000000-1299999 HTTP 302
https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/32620EF81FAACD0EA4DF3467D1D2D5B1C9F7DA00.27556F874CC2383A77C4B40DBA19F396A0D8511D/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:121:131a::2/mm/28/mn/sn-4g5e6ns7/ms/nvh/mt/1621201221/mv/m/mvi/5/pl/48?range=1000000-1299999&file=file.webm

546 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.gazetadopovo.com.br.us3.cas.ms/ 1 KB
841 B 191ms
25ms Document
text/html 40.81.121.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.81.121.140 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.gazetadopovo.com.br.us3.cas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Sun, 16 May 2021 21:49:37 GMT
x-mcas-request-id: 9155be2b51a796d781f74c55b26faff0
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Mon, 01-Jan-1990 00:00:00 GMT
strict-transport-security: max-age=31536000
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ 5 KB
5 KB 148ms
8ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://www.gazetadopovo.com.br.us3.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 16 May 2021 21:49:37 GMT
last-modified: Tue, 04 May 2021 17:11:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D90F1F9E34F4BE
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac76fd-101e-0001-4833-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2936
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/html/ Frame B317 281 B
726 B 7ms
7ms Document
text/html 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br.us3.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.us3.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Tue, 04 May 2021 17:07:19 GMT
etag: 0x8D90F1F135BA00D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a4241b6-e01e-001f-7a33-458fc4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=4939
date: Sun, 16 May 2021 21:49:37 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ Frame B317 64 KB
65 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fa7c60fca96e114cf9162a26c0eef728783f2dbff06d2b86773535af90de3f8b

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 16 May 2021 21:49:37 GMT
last-modified: Tue, 04 May 2021 17:11:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: dSafsVqER9739PXXMGX73g==
etag: 0x8D90F1F9DEDA57A
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac7937-101e-0001-4333-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=6671
x-ms-version: 2009-09-19
content-length: 66024

GET
H2 200 Primary Request / Show response
www.gazetadopovo.com.br/ 1 MB
291 KB 112ms
46ms Document
text/html 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b9bb468bdbc52e7bcdb3d7bfafb1d7ce917407233817b97b9bbe2da7690bff4

Request headers

:method: GET
:authority: www.gazetadopovo.com.br
:scheme: https
:path: /?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gazetadopovo.com.br.us3.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.us3.cas.ms/

Response headers

content-type: text/html
date: Sun, 16 May 2021 21:45:40 GMT
last-modified: Sun, 16 May 2021 21:45:13 GMT
etag: W/"99dacdea6c764a581e3570a1a86a2e60"
cache-control: max-age=600
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 2Q6L0Gtp-iU1CDOLvBRESbNiG9xl8Y7unQVoDWdlTqcL0wyIuFy_hw==
age: 238

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 38ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 813
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6507d124fd381f11-FRA
cf-request-id: 0a18c10b1700001f1105a01000000001
expires: Wed, 19 May 2021 21:49:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
959 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 21:49:37 GMT
server: ESF
date: Sun, 16 May 2021 21:49:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 May 2021 21:49:37 GMT

GET
H2 200 e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
2 KB 44ms
18ms Stylesheet
text/css 2606:4700:20::681a:415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6836
cf-polished: status=cannot_optimize
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a18c10b2100004ec7d2213000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qnt5ZptDl9mlf2zDcQcyGlVCUnotKA%2Bhoc9j03mC3ZPIl%2B5KgrG%2B30ERqQ%2Bsmyui3Iu7RIL2iicyM7ZstUqYrETXi34z83fdVGs%2FWS3Mc6h%2Bm7W0cUjs7TLFHLCyll6jGp75aA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 6507d1250abd4ec7-FRA

GET
H2 200 app-19c4d622d6a1aee75230.css
www.gazetadopovo.com.br/assets/ 681 KB
45 KB 54ms
52ms Stylesheet
text/css 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a4cc0e434a49a85bef77cf1d345a20b952002eb8704dcddd90301e13d4bd67b

Request headers

:path: /assets/app-19c4d622d6a1aee75230.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 21:30:16 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 21:09:26 GMT
server: AmazonS3
age: 260362
etag: W/"fcd71f4f27fbff1beb0c0fd5b55622ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: text/css
x-amz-cf-id: vdMXXh1HcE81An7mePU_j9Mgi1hpw2MyOYVE2PolzbszP9soAx9TZQ==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 27ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1621201777.dop038.fr8.t,1621201777.cds253.fr8.hn,1621201777.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 114 KB
27 KB 28ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 16 May 2021 21:49:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 May 2021 09:22:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27418
Expires: Sun, 16 May 2021 22:49:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4965
date: Sun, 16 May 2021 20:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 16 May 2021 22:26:52 GMT

GET
H2 200 ico-noticias.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 402 B
759 B 24ms
23ms Image
image/svg+xml 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-noticias.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c

Request headers

:path: /assets/images/menu/icons/ico-noticias.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 18:52:25 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
last-modified: Thu, 25 Mar 2021 16:56:03 GMT
server: AmazonS3
age: 4417033
etag: "0047e5eff1c16451783c127e71d7c4dc"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: image/svg+xml
content-length: 402
x-amz-cf-id: bPvNiTzlVV1JWuWuiyka7WsgUZL4RiJNaeDbqQh3CjjzwG-lNxlGWQ==

GET
H2 200 ico-opiniao.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 742 B
1 KB 27ms
25ms Image
image/svg+xml 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-opiniao.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace

Request headers

:path: /assets/images/menu/icons/ico-opiniao.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:10 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8520327
etag: "81ceaad7f3bf5e4912e4a7e9fea1d1a8"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: image/svg+xml
content-length: 742
x-amz-cf-id: FmVpqWI8WuQzOsG9VCJvM4XEo7UOEBQ7AesmsK1ztEstSycYSHD0AQ==

GET
H2 200 ico-descubra.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 553 B
911 B 25ms
24ms Image
image/svg+xml 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-descubra.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96

Request headers

:path: /assets/images/menu/icons/ico-descubra.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:16 GMT
server: AmazonS3
age: 8443933
etag: "f54a53358f4eb688ab2e8b30a5f16f6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: image/svg+xml
content-length: 553
x-amz-cf-id: syOGFYPNiJq9FJl4N1YQxBTmIkkQjjuiWk-Xo4731VeQsmMWiPGUtg==

GET
H2 200 ico-minha-gazeta.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 381 B
738 B 23ms
22ms Image
image/svg+xml 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-minha-gazeta.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568

Request headers

:path: /assets/images/menu/icons/ico-minha-gazeta.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 02:49:07 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8794830
etag: "e7caef4cd9fc8923d63157348bf8b219"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: image/svg+xml
content-length: 381
x-amz-cf-id: uShlWKoRGJ_UeB9pv4rynB0SrfuKE6udXlErNMA3ptgAx03npsDrsA==

GET
H2 200 gazeta-fallback.svg
www.gazetadopovo.com.br/assets/images/svg/ 123 B
478 B 23ms
22ms Image
image/svg+xml 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/svg/gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7

Request headers

:path: /assets/images/svg/gazeta-fallback.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 07:20:10 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
last-modified: Sat, 27 Feb 2021 20:44:32 GMT
server: AmazonS3
age: 6013767
etag: "852c057958949c7560916cdd5f0121ab"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: A4s37FPC7GFTGmh2_lgmoMPztYDxqodAR4cEA1tcGvqilXjiuNVP2Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
62 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9c7ebb797581cdb9b95dff3df6208bbe9af5c9bec404dabac94a7bb5ff60b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63250
x-xss-protection: 0
last-modified: Sun, 16 May 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 May 2021 21:49:37 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 8 KB
3 KB 44ms
18ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 606
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 0a18c10b7300000610db037000000001
last-modified: Mon, 26 Apr 2021 21:14:53 GMT
server: cloudflare
etag: W/"60872d4d-1f5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6507d1258f900610-FRA
expires: Sun, 16 May 2021 22:39:31 GMT

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 05:41:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 58063
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 16 May 2022 05:41:54 GMT

GET
H2 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 06:10:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 56318
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 16 May 2022 06:10:59 GMT

GET
H2 200 DiogoSchelp.jpg
media.gazetadopovo.com.br/2020/03/02115626/ 8 KB
8 KB 37ms
8ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/03/02115626/DiogoSchelp.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ec649d2dcca2127705338bf4025717185003216687b7d5a9cd6db9024d919b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 03:16:31 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 14:56:28 GMT
server: AmazonS3
age: 930787
etag: "09954104a5d8be22a406730d46591a93"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7822
x-amz-cf-id: 0DeMoSetPYIbqQI6Voc52eY6zH0GTRyXQJRDhgeRIdptR7wYz26EFQ==
expires: Tue, 02 Mar 2021 14:56:26 GMT

GET
H2 200 guilherme-fiuza1.jpg
media.gazetadopovo.com.br/2019/05/23164349/ 7 KB
7 KB 37ms
8ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/05/23164349/guilherme-fiuza1.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60616ec1ddc6f55e71065b09f27f371cbf3b5ab82d9a08a9832e8e4acc27098f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 02:38:43 GMT
content-encoding: gzip
last-modified: Thu, 23 May 2019 19:43:51 GMT
server: AmazonS3
age: 155455
etag: "b5cafb0c901083049bd69879736d923d"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6539
x-amz-cf-id: tLdQbbCe4o3hsWxGlLuIO_nYs1U4SI6kWPi8cqHAD2KXaZxVW6tQMA==
expires: Fri, 22 May 2020 19:43:49 GMT

GET
H2 200 thiago-rafael-vieira.jpg
media.gazetadopovo.com.br/2020/03/17170052/ 9 KB
9 KB 37ms
8ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/03/17170052/thiago-rafael-vieira.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: feae690a5c73d87b92b082e21f1c24672ec8fbc0eb637dee7afd73ff4f26139c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 03:12:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 20:00:55 GMT
server: AmazonS3
age: 153430
etag: "e9d934461c1de7e26c3d486fd0f35f9e"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8611
x-amz-cf-id: RT2IrxR0Jt-9bAieCTsH6U8XTKBDPsDFvc-TIsuJ80yDaKw4MN7LJg==
expires: Wed, 17 Mar 2021 20:00:52 GMT

GET
H3-29 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:53 GMT
server: sffe
age: 330393
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19300
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:04 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=594716913&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1251914123&gjid=1477152867&cid=2019157809.1621201778&tid=UA-23088598-1&_gid=598204554.1621201778&_r=1&_slc=1&z=1632521491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dante-mendonca.jpg
media.gazetadopovo.com.br/2019/05/23144613/ 9 KB
9 KB 11ms
9ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/05/23144613/dante-mendonca.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c5e5f9c3516530b000b023336d95bcdc0cf11b1a58dc236fdda801fc376de12

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 18:40:29 GMT
content-encoding: gzip
last-modified: Thu, 23 May 2019 17:46:15 GMT
server: AmazonS3
age: 356949
etag: "519a7f0f169f60e725c0e1d7c21b0a9b"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9061
x-amz-cf-id: BH3Y8g2ckINCXfr1XU6F8WLWxafwnYEq7SBCepwmGug-TnPne6mcGw==
expires: Fri, 22 May 2020 17:46:13 GMT

GET
H2 200 infog-remote.js Show response
multimidia.gazetadopovo.com.br/recursos/js/ 10 KB
10 KB 79ms
22ms Script
application/javascript 2600:9000:206e:8e00:1b:3b3:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://multimidia.gazetadopovo.com.br/recursos/js/infog-remote.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:8e00:1b:3b3:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/5.5.21 /
Resource Hash: 9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 08:45:00 GMT
via: 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
last-modified: Fri, 09 Nov 2018 13:38:20 GMT
server: Apache/2.4.6 (CentOS) PHP/5.5.21
age: 47077
etag: "277a-57a3b76e9180e"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 10106
x-amz-cf-id: cJLimw8llLPtLLQGIQcidHBFhin1DkIY03lWtCsjw4AvO-qkht8iMQ==
expires: Sun, 16 May 2021 08:50:00 GMT

GET
H2 200 guilherme-rodrigues.jpg
media.gazetadopovo.com.br/2019/12/09151333/ 9 KB
9 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/12/09151333/guilherme-rodrigues.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 036cd4074bc09f061a7d6a56a3437bf4e7ce8d7b8961eb1a171fa0c1c1082d0b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:37:52 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 18:13:35 GMT
server: AmazonS3
age: 8453506
etag: "a07ae34fda0fe12834d71751c5baa064"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9208
x-amz-cf-id: EDKNCvZSsZnbTSNVksmvTMeX_LQQ2Y0ls7Mpal_3qCSJwr-D_9K--A==
expires: Tue, 08 Dec 2020 18:13:33 GMT

GET
H2 200 logo-gazeta-fallback.svg
assets.gazetadopovo.com.br/images/svg/ 2 KB
1 KB 41ms
7ms Image
image/svg+xml 2600:9000:21f3:2800:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/logo-gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 19:11:32 GMT
server: AmazonS3
age: 8520325
etag: W/"d792eee1076dd5de89b09831c82d0436"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: tMUllYAMfK0CIEnH6clBBp7mbWivSlZUNRld85iG8LWCmatFp_-cOw==

GET
H2 200 ico-related-items.svg
assets.gazetadopovo.com.br/images/svg/ 156 B
527 B 42ms
8ms Image
image/svg+xml 2600:9000:21f3:2800:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-related-items.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:59:10 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:29 GMT
server: AmazonS3
age: 8445028
etag: "a1e034e511ddfddbd71c0ee10f8240f0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 156
x-amz-cf-id: 7AnYXUvo9FPhWkj2O9pMyBdSugqiV6KKaW_GWJKH96_sfX2POEHiaw==

GET
H3-29 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 18 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:26:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:44 GMT
server: sffe
age: 505416
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
expires: Wed, 11 May 2022 01:26:01 GMT

GET
H2 200 paulo-polzonoff.jpg
media.gazetadopovo.com.br/2019/12/02152010/ 8 KB
8 KB 8ms
7ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/12/02152010/paulo-polzonoff.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:26 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 18:20:12 GMT
server: AmazonS3
age: 8443932
etag: "e94bc2091dec13fcb35322d48e48f9b3"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7448
x-amz-cf-id: 2f-uVTDo_J3ewEzn0z15Sv6bUNw7CKP59KdIwrC4_yYlnQw-OaKf7Q==
expires: Tue, 01 Dec 2020 18:20:10 GMT

GET
H2 200 jussara-3.jpg
media.gazetadopovo.com.br/2021/03/01174217/ 8 KB
8 KB 9ms
8ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/03/01174217/jussara-3.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2380ab708a75fc7442adfbb8fb830748d0214fd48d127a2802c50275b9885169

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 14:38:34 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:18 GMT
server: AmazonS3
age: 4605064
etag: "bfcf83bdbb615463d383738874a0e4bd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7801
x-amz-cf-id: uGBvolpjqtqF0fHf395U_EdPpUHIGY6nBwpxrcE2h0Il_kyE21f-8w==
expires: Tue, 01 Mar 2022 20:42:17 GMT

GET
H2 200 owl.carousel.min.js Show response
www.gazetadopovo.com.br/assets/legacy/ 43 KB
12 KB 22ms
22ms Script
application/javascript 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/owl.carousel.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b

Request headers

:path: /assets/legacy/owl.carousel.min.js
pragma: no-cache
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 05:24:22 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 21:35:05 GMT
server: AmazonS3
age: 1355116
etag: W/"5274afb2522b0f6f1b6a019949c3c104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: application/javascript
x-amz-cf-id: HdthIRZXUQBRuckIPdDqz_19B1Dw0u_veRcL1_x19bbqZmnW5cC_Eg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=1251914123&gjid=1477152867&_gid=598204554.1621201778&_u=IEBAAEAAAAAAAC~&z=1413301389

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 May 2021 21:49:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rep.gif
scomcluster.cxense.com/Repo/ 43 B
469 B 138ms
34ms Image
image/gif 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=korpohibdertcsfb&sid=1138596144857280556&loc=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&new=1&arf=0&ltm=1621201777571&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=korpohkt6pyj1nd0&ckp=korpohkutl78fg54&glb=&wsz=1600x1200
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de716.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 16 May 2021 21:49:37 GMT
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 GazetaDoPovoSDK.js Show response
www.gazetadopovo.com.br/assets/legacy/ 145 KB
37 KB 32ms
31ms Script
application/javascript 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/GazetaDoPovoSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2

Request headers

:path: /assets/legacy/GazetaDoPovoSDK.js
pragma: no-cache
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 06:08:31 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2019 18:34:32 GMT
server: AmazonS3
age: 6018066
etag: W/"93db618a4f3bd0163e68ad039dcbd60c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: VIE50-C2
content-type: application/javascript
x-amz-cf-id: uWpVi0Z_ia3-vHC6tgQZaM8rzV-WP378m-JvrMpp-gAhanC3BMT3pA==

GET
H2 200 social.js Show response
www.gazetadopovo.com.br/assets/legacy/ 264 KB
79 KB 27ms
26ms Script
application/javascript 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/social.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374

Request headers

:path: /assets/legacy/social.js
pragma: no-cache
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 04:10:05 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 16:43:33 GMT
server: AmazonS3
age: 15356373
etag: W/"d36619672c599923a4c9712bd040f9e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: VIE50-C2
content-type: application/javascript
x-amz-cf-id: kr6DY93JEGSllZK5EiMJWkkbYHWTorvSR027CfVc4k5bMuM7K5G9Rg==

GET
H2 200 vendor-9baf93355710264da6ef.js Show response
www.gazetadopovo.com.br/assets/ 295 KB
96 KB 41ms
40ms Script
application/javascript 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7

Request headers

:path: /assets/vendor-9baf93355710264da6ef.js
pragma: no-cache
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 14:32:53 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:30:45 GMT
server: AmazonS3
age: 285404
etag: W/"3e425e478050fb49f8d5dbffdd68f55b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: application/javascript
x-amz-cf-id: fWDZsNWQbdD6NsUkoPOdjf-IsQBTUbeMKgECaVNY4tCyX3mn09mHQw==

GET
H2 200 gazetadopovo-app-b3eeb35c5cd968c95b53.js Show response
www.gazetadopovo.com.br/assets/ 366 KB
67 KB 25ms
24ms Script
application/javascript 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee94f92f87881238a9d783523e1d3c6eae7d4f808e261eea83c5c5b585e6a60

Request headers

:path: /assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
pragma: no-cache
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 14:32:54 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:30:08 GMT
server: AmazonS3
age: 285404
etag: W/"ceb11d3e5815f015f9e46b4a991d0a61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: application/javascript
x-amz-cf-id: DkU1bOp929Jy5y6SI-8XlrLBQD0HL8BhlCAKSeGJjrwscOPBvskS2A==

GET
H2 200 google-3.2.2.js Show response
www.gazetadopovo.com.br/assets/legacy/swg/ 114 KB
38 KB 24ms
23ms Script
text/javascript 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

:path: /assets/legacy/swg/google-3.2.2.js
pragma: no-cache
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 14:59:58 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 20:50:04 GMT
server: AmazonS3
age: 15490180
etag: W/"9c302f91fb353b7f558cbda7922e6da1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
content-type: text/javascript; charset=UTF-8
x-amz-cf-id: tHKcYb-0dg3ymLntRunORxOmCPg0ldqA_8L6ZeK69eexb1K5hdI1HA==

GET
H/1.1 200
OK JSPianoSDK-0.4.4.js Show response
gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/ 323 KB
323 KB 403ms
109ms Script
application/json 52.217.82.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 16 May 2021 21:49:39 GMT
Last-Modified: Fri, 05 Mar 2021 13:15:08 GMT
Server: AmazonS3
x-amz-request-id: 4XR9MBFK8JZCDMRG
ETag: "cc0b84a81c8868bf472ad514d8695844"
Content-Type: application/json
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 330317
x-amz-id-2: LUpv/toklpNYxu2OvH0UICRMmqMGQpXM6IWZgJnphbPZYiPQ+ALFeIJ/Dg5CsDM85T++Gole93A=

GET
H3-29 200 e6Ya311101.js Show response
cdn.privacytools.com.br/public_api/banner/script/ 107 KB
19 KB 33ms
22ms Script
text/plain 2606:4700:20::681a:415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/script/e6Ya311101.js?p=bottom&t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ef970abec9e060cd27738ebb3195713fb367ebcf37702e825c93d990b4c493

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11618
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JjdILqrSF3oDxSH2cgmoBoU6i%2BLH817yOSmn%2Bcoq7qOF3V1TlRDu6nM2hd%2B8vL1gXqCbEAzXiiJcrNuc8tJ%2B8gLJhULqsJur5v0MrWvAJ%2FB%2BGGIDxSceKy6tNbGxzFiorzf3Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cache-control: public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
cf-ray: 6507d1267b7505ed-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a18c10c0d000005edbabdc000000001

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 699
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sun, 16 May 2021 22:37:58 GMT

GET
H2 200 hotjar-457089.js Show response
static.hotjar.com/c/ 32 KB
5 KB 81ms
27ms Script
application/javascript 143.204.209.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-457089.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.209.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-209-3.fra53.r.cloudfront.net

Software

Resource Hash

01a5537bcbce3d21380990043af32e0651fd9330a42a3d23dbc26a39fc96d546

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:09 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 28
etag: W/7a1e6bc4140af90017f40471fac22bf2
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: pgBtsQ6a7Y9YH4I4ZvlqKHKEU26dhWzYngXpV5CSCdyMRbCE_RNNWw==
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 92ms
35ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 May 2021 21:49:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 47ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: /tlhfB09DVZQjU6bv7jBWDSqtroHtyRIv/JJ6COi+rau9HwwgzVXFF/ryBNzjUmakvlpfAZnjm037Miaw9V52w==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 16 May 2021 21:49:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 110ms
36ms Script
application/javascript 99.86.242.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-124.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:36:45 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 8xWe6LLsMT3acWewbjlkFisDeQXXJliir6HHj9y9qDTYb22HuIIW_A==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 16 May 2021 21:49:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=45565
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 13 B
413 B 76ms
24ms Script
application/javascript 143.204.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-70.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 06:16:54 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Thu, 05 Sep 2019 14:23:06 GMT
server: AmazonS3
age: 1697564
etag: "8e742d11d6b24c401e35f3b516726584"
x-cache: Hit from cloudfront
x-amz-version-id: HcQ7eDLpUO0rOnZ5z49wWPmZsoIBXyGt
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 13
x-amz-cf-id: V3SSfeVlsuMnn-RmUFN_DtOSRS34ps8RnY1Vkxm_aqFuJvevylxoYg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 73ms
23ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 75478
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1621201778.776198,VS0,VE0
x-served-by: cache-hhn11542-HHN

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=1251914123&_u=IEBAAEAAAAAAAC~&z=1234719627

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 37ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=1251914123&_u=IEBAAEAAAAAAAC~&z=1234719627

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5294.json Show response
s3.amazonaws.com/gp-infoservices/infocoder/ 27 KB
27 KB 391ms
111ms Script
application/json 52.216.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/gp-infoservices/infocoder/5294.json?_=1621201777496
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 16 May 2021 21:49:39 GMT
Last-Modified: Tue, 20 Oct 2020 21:22:55 GMT
Server: AmazonS3
x-amz-request-id: 4XRD5C5KGVYD6WA1
ETag: "16fd83f68ab6025e68cf1c8761f5a7c1"
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 27623
x-amz-id-2: ZXTscUSNynmR40DYqlUbkihJWRdgfyrYa8H+lMvADsduPU2EL6VN0R3JLUSW9mPsWDV/1q1O4nQ=

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGDAAEALQAAAAC~&jid=224607276&gjid=1121916410&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=598204554.1621201778&_r=1&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&z=151025702

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K98STKR&t=gtm4&cid=2019157809.1621201778

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60656548f6cd37dd7402d9cf541c2c2f729b8d766dc9e497d54bbbc01f2339eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35083
x-xss-protection: 0
last-modified: Sun, 16 May 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 May 2021 21:49:37 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 147 KB
44 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2356
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44829
x-xss-protection: 0
expires: Sun, 16 May 2021 22:00:21 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 62ms
45ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 1562
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c10cc800001f1999987000000001
x-request-id: Cb3y7tqdFEy
wn: prod-exp-10-0-83-141
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6507d127ab021f19-FRA
expires: Sun, 16 May 2021 22:19:37 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621201777848%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJHD2CXyS4wRwAAAXl3J_bHDSwSZjo06oasyhCH4NzYGOO8EjB_KSj...

0
155 B

295ms
108ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJHD2CXyS4wRwAAAXl3J_bHDSwSZjo06oasyhCH4NzYGOO8EjB_KSj2CgzrCgv1JGfJHbrB
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: MIXwnm2qfxbgcqo0XCsAAA==

Redirect headers

date: Sun, 16 May 2021 21:49:38 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621201777848&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJHD2CXyS4wRwAAAXl3J_bHDSwSZjo06oasyhCH4NzYGOO8EjB_KSj2CgzrCgv1JGfJHbrB
x-li-proto: http/2
x-li-pop: prod-edc2
content-length: 0
x-li-uuid: B2jki22qfxZAsfUYPysAAA==

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=224607276&gjid=1121916410&_gid=598204554.1621201778&_u=aGDAAEALQAAAAC~&z=1755306317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 May 2021 21:49:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 343122172743779 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 359ms
359ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343122172743779?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c8559b3d9f89fac3a49716cc7ae77f6b922e2e5c82c81e4b558fcdb5a819e35

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: vZenz3wDF+atxKO4OO3ujIMOWdgbimsv9ZUuUNWgdHs6kvufsTffCmPC0gHKqzzeI7x1E2oRttGPVydXvagx4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 16 May 2021 21:49:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.0fd8b750824023792fba.js Show response
script.hotjar.com/ 220 KB
58 KB 112ms
40ms Script
application/javascript 13.32.6.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0fd8b750824023792fba.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.6.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-6-61.vie50.r.cloudfront.net

Software

Resource Hash

65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 396753
x-cache: Hit from cloudfront
content-length: 59191
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 07:37:04 GMT
etag: "cd11ca1a90eced753504203f173db976"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2acbf12c17a7f7f2ed99463cb4024587.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nqVYoIgejFyJWMCZuVu4OPx1Gs-yu96Ch2JIIzM99LP1ET8VPil7SA==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621201777915&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=http...
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621201777915&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=htt...

64 B
331 B

63ms
62ms

Image
image/gif

99.86.242.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621201777915&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-124.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: JASbi37FvWD3tDRXF7B2hyQVkCXURAie5qGzIXaILXnIOO6TbAMWOg==

Redirect headers

date: Sun, 16 May 2021 21:49:37 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621201777915&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
content-length: 314
x-amz-cf-id: wNGNRv1Xn1VFmINzmZ2BYhKa_w2rh-LJNytZqvt_mQoMN6-Da17fZw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/ 2 KB
2 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/?random=1621201777916&cv=9&fst=1621201777916&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73bd5a23aafe8831ae3b1672f705e5abf5306911449b37fad47f0d72a2919c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/ 2 KB
1 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/?random=1621201777919&cv=9&fst=1621201777919&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9229c7c9e31404fedfdd12442770d5711dcc3aad9bb80d3a3740af703bf751b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 187ms
138ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Sun, 16 May 2021 21:49:38 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9cbe23395f7f63733749c50c36745c05
x-transaction: 00bd9d4900f584ed
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 21ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2354
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Sun, 16 May 2021 22:00:24 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 44CC 25 KB
8 KB 76ms
66ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=450333

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0960773a73469200c61f42b66f50be09dc8c8e3ad35ae3279b4c87ba5e63472c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-dkswlYY0atKiFjuk+o9Xpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-dkswlYY0atKiFjuk+o9Xpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=450333
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 May 2021 21:49:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-dkswlYY0atKiFjuk+o9Xpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-dkswlYY0atKiFjuk+o9Xpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=215=SWOjjK9L-AABJlu5i7ZVBqDrJGDDgq1UiGFmt-M1eLUe8KpBJpCi6pmNLkRcbaAl_dAIiRSk_u3w5aTpI4ovo-lEet-rESKg7azjzSqhwH1_9eKRHl9Ut1XXI_UdWdjUP4PMh9hNw5iySosQ2eTtzN6TvoDKjbaElDrdHvHxUzg; expires=Mon, 15-Nov-2021 21:49:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 17ms
7ms Other
image/svg+xml 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 2353
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Sun, 16 May 2021 22:00:25 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 27ms
25ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=224607276&_u=aGDAAEALQAAAAC~&z=429013095

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=224607276&_u=aGDAAEALQAAAAC~&z=429013095

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 407 KB
127 KB 44ms
42ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e9164448bbb0306f0ad72dad13782ef08ae66a9ac3d9b857d9a57a8a3468a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 281
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c10d6200001f1995afb000000001
wn: prod-dash-10-0-134-202
last-modified: Thu, 13 May 2021 01:18:32 GMT
server: cloudflare
etag: W/"416463-1620868712000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 6507d1289c7e1f19-FRA
expires: Sun, 16 May 2021 21:54:38 GMT

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/ 2 B
58 B 68ms
68ms Fetch
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/961891575/ 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961891575/?random=1621201777916&cv=9&fst=1621198800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=4041961521&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/961891575/ 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/961891575/?random=1621201777916&cv=9&fst=1621198800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=4041961521&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/854244571/ 42 B
64 B 20ms
18ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854244571/?random=1621201777919&cv=9&fst=1621198800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2752540636&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/854244571/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854244571/?random=1621201777919&cv=9&fst=1621198800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2752540636&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 / Show response
www.gazetadopovo.com.br/ 0
353 B 431ms
430ms XHR
text/html 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?&_=1621201777804
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54; _gcl_au=1.1.817852080.1621201778; _gat_UA-23088598-1=1
:path: /?&_=1621201777804
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: HEAD
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-encoding: gzip
last-modified: Sun, 16 May 2021 21:45:13 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"99dacdea6c764a581e3570a1a86a2e60"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=600
content-type: text/html
x-amz-cf-id: W1cAhuCcM6qdUfNgchC9Qsbl6YpUn3NNxxfJqmL4JB_Xx3HiGYQSUg==

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 2 KB
2 KB 153ms
153ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db92479c24fcad94851f07f810e2a8dd907993a3914359bf9918718c21740a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c10dc200001f199c22b000000001
x-request-id: Cqaz7tqXwxR
pragma: no-cache
wn: prod-exp-10-0-120-229
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6507d1293d8f1f19-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
281 B 35ms
27ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32465dc09887d5b666172cf92f6637ddbcd8edce67e15e70ce8584843f12630d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 83
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c10dcd00001f198824d000000001
x-request-id: Cf8z7tqEyEh
pragma
wn: prod-dash-10-0-82-87
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 6507d1294da91f19-FRA
expires: Sun, 16 May 2021 22:09:38 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame 44CC 21 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450333

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2354
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Sun, 16 May 2021 22:00:24 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6P6... Frame 44CC 146 KB
52 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6P6eRXtNH-tilX1aBa3EcV30osjA/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb5ff84e63393bb298a05213f488e34cfb5ac638a8b381a7a9e45c39e4100b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 184428
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52628
x-xss-protection: 0
expires: Sat, 14 May 2022 18:35:50 GMT

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 44CC 36 KB
13 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6P6eRXtNH-tilX1aBa3EcV30osjA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05daf5641860d931d49d2ca3a20ed7783556a7ff7e33ea605d06c90629649d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 184427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13450
x-xss-protection: 0
expires: Sat, 14 May 2022 18:35:51 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 44CC 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450333

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 330396
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:02 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 44CC 95 KB
32 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4217cd168f164b006c464f9f563d9f24c18a700e67b24616aad1d714c0187e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 184427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33097
x-xss-protection: 0
expires: Sat, 14 May 2022 18:35:51 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 44CC 256 B
225 B 68ms
68ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=330905787222940587&bl=boq_subscribewithgoogleclientserver_20210513.11_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=85779&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5dc6fa0e3b728bf2952dc08085465c863cb0c04085b0aa06da1dae1d2e2a8208

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 44CC 46 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

babf9b4d3f19a5f57d8a37149b7367c713f3104c19fa4ed9efb7622652ecd67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 184427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17699
x-xss-protection: 0
expires: Sat, 14 May 2022 18:35:51 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 44CC 236 B
183 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 184427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Sat, 14 May 2022 18:35:51 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 44CC 796 B
468 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,lwddkf,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed736d8aba55248a40a9c801b58dbb586b5083d4be20f53269e8b61d677108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 184427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
expires: Sat, 14 May 2022 18:35:51 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=594716913&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Placar%20Covid%20no%20Paran%C3%A1%20-%20Componente%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALQAAAAC~&jid=1112472217&gjid=699268733&cid=2019157809.1621201778&tid=UA-70198534-1&_gid=598204554.1621201778&_r=1&_slc=1&cd1=infocoder&cd2=5294&z=1454657859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-70198534-1&cid=2019157809.1621201778&jid=1112472217&gjid=699268733&_gid=598204554.1621201778&_u=aGDAAEALQAAAAC~&z=599852381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 May 2021 21:49:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame 44CC 131 B
644 B 62ms
41ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
37ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 16 May 2021 21:49:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 21:49:38 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 44CC 131 B
154 B 56ms
42ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:38 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 44CC 131 B
154 B 54ms
42ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 57ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 16 May 2021 21:49:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 21:49:38 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 44CC 131 B
154 B 53ms
40ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
39ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 16 May 2021 21:49:38 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 21:49:38 GMT
cache-control: private

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 48ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=PageView&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&if=false&ts=1621201778322&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.2.1621201778320.514499332&it=1621201777913&coo=false&exp=l1&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 16 May 2021 21:49:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 48ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=ViewContent&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&if=false&ts=1621201778325&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.2.1621201778320.514499332&it=1621201777913&coo=false&exp=l1&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 16 May 2021 21:49:38 GMT

OPTIONS
H2 200 flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame 0
0 361ms
297ms Preflight
application/json 143.204.209.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol: H2
Server: 143.204.209.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-76.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 16 May 2021 21:49:38 GMT
x-amzn-requestid: b980d8b9-b2e0-4a51-8f8a-22b7ff804ab1
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: fcP58EzkIAMFoYw=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ogr0S-gOldgoKCFE0pZ-xjfc3D6nBtDWrKVDB0eQFJ7jIQQiu-68Fw==

POST
H2 200 flow1 Show response
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ 504 B
879 B 314ms
313ms XHR
application/json 143.204.209.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-76.fra53.r.cloudfront.net
Software: /
Resource Hash: b0535cbcc0ffe88e1de1b05cef1e0a7d9d4fc9ffb2d914355f1b04c7790e7471

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: ad725c0b-1983-4b2a-bd17-0084e272900a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60a19373-2e469bb06f961b1b480b0f9d;Sampled=1
x-amz-apigw-id: fcP5_HZloAMF5fg=
content-length: 504
x-amz-cf-id: NdoUAC6mIkThbQl8mjvmLKoe7C4dl4At_-Nj3E3zwyCsyU8HJL4P-A==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
660 B 200ms
142ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 16 May 2021 21:49:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c3ff8aceb861c9d3e42307dfd98ac0e73840f7a3aef84a872b3a31a78eb588c5
x-transaction: 05535be8b46c2fec
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ico-arrow-left.svg
assets.gazetadopovo.com.br/images/svg/ 127 B
498 B 8ms
7ms Image
image/svg+xml 2600:9000:21f3:2800:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-left.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:07:46 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:27 GMT
server: AmazonS3
age: 8772113
etag: "6ae51f29a6cffccc223655e32d23de10"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 127
x-amz-cf-id: B1vofFz9oIT44S1HrNIzcZU08Nyv2jXtUA_GKj8-opXXV4RBioxy-g==

GET
H2 200 ico-arrow-right.svg
assets.gazetadopovo.com.br/images/svg/ 123 B
495 B 8ms
8ms Image
image/svg+xml 2600:9000:21f3:2800:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-right.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 11:47:20 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 21:25:52 GMT
server: AmazonS3
age: 4010539
etag: "360b8c417ef8fc3088f833de9723ae18"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: 3LWgbdpIi90zE2FRZT74j_EGxrTE4-_gOpxgGWgHrrDJetm5arqZgA==

GET
H2 200 / Show response
infograficos.gazetadopovo.com.br/json-google-spreadsheet/ 762 B
1001 B 453ms
420ms Script
application/json 2600:9000:20eb:bc00:16:bc5f:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://infograficos.gazetadopovo.com.br/json-google-spreadsheet/?callback=jQuery33105744406953466414_1621201777497&id=1Pn1D6-1SwjcjvVnigSTDUrgGfI3-xub00yvRMkRPIpI&sheet=3&_=1621201777498
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:16:bc5f:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e7ddeed21b0c1105938ec883ff0b61a295c41d1ed41baf09552afc691b57218d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:38 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json
content-length: 762
x-amz-cf-id: 03CfTeNcCxtVhq5CWVwV7Vte0xAzKDzfT6YNIA7sGHT8SfJCMx9NRQ==

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame F57F 1 KB
1 KB 74ms
24ms Document
text/html 143.204.209.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-47.fra53.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: tqbzy7Qu-MYmWQYfJM5aYCcVIAzDxUmXBZGgFn1zC-AzIQpIHVxgIg==
age: 4081146

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 33ms
17ms Ping
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryA4BYnHGYYAXzOt1D

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 16 May 2021 21:49:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 385ms
296ms Preflight
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 16 May 2021 21:49:39 GMT
x-amzn-requestid: 9593f8cf-3636-494e-8f29-deded9421043
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fcP6BGUjoAMF2aA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Rb6IfRJ0eRtWIPOgKQOUsQiMrmr_B09emPstkoHC_UZtVrN-Ho3r-w==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 567ms
567ms XHR
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 4a22360dd6d94b4906b19fc6c6cd3d26e95f0a95b72d2517b0c49bdfdd66f537

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
etag: W/"4b8-887qa/S0AjXV7HfZbVoavkiz7c4"
x-amzn-remapped-content-length: 1208
x-amzn-remapped-date: Sun, 16 May 2021 21:49:39 GMT
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fcP6EGZxoAMFYqg=
content-length: 1208
x-amzn-requestid: a59a087f-459c-46ed-97a2-387f79db3f7e
x-amzn-trace-id: Root=1-60a19373-31c6991b19131a160358a53d;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: FwwsvV99SNisn4S5lXHw834PWp5tzLqB_blSdMxWDhoITmehAaAIfw==
x-amzn-remapped-connection: close

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 153ms
151ms Ping
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=izBe3CQ7pu&tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvnfSe2aG0aDehQRDmVR656Khsrg8SWAZ-XmYHGTM83e0vDUzNKF9oX5eGqRNoACSt68fk79v-XRQP4j4wvVJcfiYOFoM1nCPnPe500b0Xqp_ClXXX7wZd7xhwozNxHCCQ&time_spent=%7B%22active%22%3A0%2C%22total%22%3A0%7D&scroll=%7B%22max_page_height%22%3A8525%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&pageview_id=2021-05-16-23-49-38-106-Zs5Qzkp8ErnB6ebV-b936ad7ebc1e9e7e2afe591d682f915b&visit_id=v-2021-05-16-23-49-38-107-LO5CbxzyJvgEvrE3-b936ad7ebc1e9e7e2afe591d682f915b
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
3 KB 163ms
162ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f9d33367ad23e94af2c6a4703eab99d8f6a72abf40d1019d3be34ac56ab2db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c1119500001f19493de000000001
x-request-id: Craz7tqmf1F
pragma: no-cache
wn: prod-exp-10-0-83-141
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6507d12f5fc01f19-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 551 B
796 B 145ms
129ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3250111499e28b9453681469aba9fc222f2233e742e3164d8b215f47cca8d76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c1124e00001f318daa1000000001
x-request-id: Craz7tqHSuW
pragma: no-cache
wn: prod-dash-10-0-133-217
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.003
cf-ray: 6507d1307ce01f31-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame F0C2 6 KB
3 KB 26ms
26ms Document
text/html 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4305cf47f19afb59b38a7b1107cfc9992346da5b5fdb412193c862a22cc1ac35

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Mon, 17 May 2021 00:49:39 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.001
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-95-155
x-forwarded-https: on
x-request-id: C2wu7tqJV02
x-xss-protection: 0
cf-cache-status: HIT
age: 5713
cf-request-id: 0a18c1124500001f19bd9f9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6507d13069421f19-FRA
content-encoding: br

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 298ms
297ms Preflight
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 16 May 2021 21:49:39 GMT
x-amzn-requestid: 63b069bf-9180-415c-89b1-fbf748d6d0ed
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fcP6EEwcIAMFXvg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8WTDK0bYybVxMPsGpmh9bl3nxXuxc8xxQ_j6r_qFY-aAxKgXZt50oQ==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 336ms
336ms XHR
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 3be68f55654c74ca19226077afcea1c3814cea4652fbde4643e2681978af6025

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
etag: W/"500-+hxeg8ls++KsBE2Z9E5yKdQiNsg"
x-amzn-remapped-content-length: 1280
x-amzn-remapped-date: Sun, 16 May 2021 21:49:39 GMT
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fcP6HG5doAMFdqw=
content-length: 1280
x-amzn-requestid: 93105d58-82a8-41f3-a3cb-6b656ea26b28
x-amzn-trace-id: Root=1-60a19373-17f572f14f704b811b3f4fac;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: HBgln0D40kTKcksZbliptod5Y6MEKoiSUCG2m4yFk2qvC7wdK-iL8Q==
x-amzn-remapped-connection: close

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame F0C2 33 KB
5 KB 39ms
39ms Stylesheet
text/css 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2707
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c1126900001f196aa84000000001
wn: prod-dash-10-200-75-20
last-modified: Wed, 12 May 2021 20:48:34 GMT
server: cloudflare
etag: W/"33843-1620852514000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 6507d130a98b1f19-FRA
expires: Sun, 16 May 2021 23:49:39 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame F0C2 509 KB
143 KB 63ms
63ms Script
text/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2673
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c1126700001f19aeb88000000001
wn: prod-dash-10-0-128-18
last-modified: Thu, 13 May 2021 13:08:26 NZST
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=602127
x-optimized-by: _sam
cf-ray: 6507d130a98d1f19-FRA
expires: Sun, 23 May 2021 21:05:06 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame F0C2 6 KB
558 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 16 May 2021 21:49:39 GMT
server: ESF
date: Sun, 16 May 2021 21:49:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 May 2021 21:49:39 GMT

GET
H2 200 campanha-corrupcao-desktop.jpg
media.gazetadopovo.com.br/2021/05/11094814/ Frame F0C2 220 KB
221 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094814/campanha-corrupcao-desktop.jpg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:21 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:15 GMT
server: AmazonS3
age: 452899
etag: "467c437588df95f88c8134c13e1277e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 225668
x-amz-cf-id: vU9GUhGEsb6qONAxG-Aa_mND9IV59RfWRhcRmUfnwttmlSx6HZ0DyA==
expires: Wed, 11 May 2022 12:48:14 GMT

GET
H2 200 campanha-corrupcao-mobile.jpg
media.gazetadopovo.com.br/2021/05/11094813/ Frame F0C2 63 KB
64 KB 10ms
10ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094813/campanha-corrupcao-mobile.jpg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f363bb1263ff140c7a599ac408717e56d801c29238b25bb8506a7a09527408c3

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:14 GMT
server: AmazonS3
age: 452896
etag: "cdfe63c78eeebb1a915d0428fde4c4b4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 65023
x-amz-cf-id: j0aHvHI6r8Ngo08uOhvGmkh87O-qfXRMB9kia0QCM5tB6D5B3uoeLA==
expires: Wed, 11 May 2022 12:48:13 GMT

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/template/ Frame F0C2 53 B
363 B 134ms
134ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/trackShow

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a18c112f100001f19a0278000000001
x-request-id: Craz7tqTgyA
pragma: no-cache
wn: prod-dash-10-0-124-91
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
x-xss-protection: 0
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-ray: 6507d1318b361f19-FRA
expires: Wed, 31 Dec 1969 18:00:00 CST

GET
H3-29 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ Frame F0C2 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 06:10:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 56320
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 16 May 2022 06:10:59 GMT

GET
H3-29 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ Frame F0C2 20 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 05:41:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 58065
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 16 May 2022 05:41:54 GMT

GET
H2 200 campanha-corrupcao-desktop.jpg
media.gazetadopovo.com.br/2021/05/11094814/ Frame F0C2 220 KB
221 KB 7ms
6ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094814/campanha-corrupcao-desktop.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:21 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:15 GMT
server: AmazonS3
age: 452899
etag: "467c437588df95f88c8134c13e1277e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 225668
x-amz-cf-id: jE9snuXQXNId0dzeh0qvQMkYWW8oUOPwQ_DosCV3-jCF5PXwimwsSQ==
expires: Wed, 11 May 2022 12:48:14 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 /
comments.gazetadopovo.com.br/content/count/comments/ Frame 0
0 351ms
293ms Preflight
application/json 2600:9000:20eb:6e00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%22fb8c2660-b67f-11eb-8a66-8b895adc0e56%22,%2282bafab0-b646-11eb-9e77-a51b60cdde5f%22,%22a7cc0880-b669-11eb-9df5-1189978eb9e8%22,%22111c3f80-b68d-11eb-ba23-090df87586fb%22,%229e65fee0-b5d8-11eb-9ae7-81ff5f94a672%22,%2212546d00-b66f-11eb-aead-f51e255a0241%22,%220f57f1d0-b4ee-11eb-80a9-d7630b3898f0%22,%228a5b9410-b50a-11eb-be78-3fc0ebe96b48%22,%22cf74a030-b683-11eb-81cd-17bb173e0889%22,%22ca8eff50-b5d6-11eb-8e38-ed45966ef44a%22,%22243fd9b0-b51f-11eb-a288-35b857ad0acb%22,%22ed650fd0-b67e-11eb-8a66-8b895adc0e56%22,%22415aee30-b4e9-11eb-80a9-d7630b3898f0%22,%2217ec0290-b689-11eb-8a66-8b895adc0e56%22,%225fe4ae30-b350-11eb-9e49-ed09bdae7c6a%22,%225a8b8680-b40d-11eb-bb30-f79f95941ede%22,%221e7f7a60-b64d-11eb-ae64-61796228bba6%22,%22f463a480-b64d-11eb-ae64-61796228bba6%22,%224c86bfb0-b5a6-11eb-ac0d-af39e211c5a9%22,%228c327cd0-b650-11eb-9711-55f013ecc167%22,%22ccccfdc0-b4ec-11eb-80a9-d7630b3898f0%22,%223442d490-b351-11eb-9e49-ed09bdae7c6a%22,%2218a419e0-b687-11eb-8a66-8b895adc0e56%22,%22497530d0-b520-11eb-b627-4b8b42c02280%22,%222817d250-b654-11eb-9711-55f013ecc167%22,%22267908f0-b5b0-11eb-9c64-299ebb0272ff%22,%22719b2560-a829-11ea-8690-b7488a9f0453%22,%22f9b9d020-b4fa-11eb-b497-2b2353b9a2f3%22,%2248ad61b0-b4d8-11eb-893d-bfc914b5ec37%22,%22175cbce0-b673-11eb-aead-f51e255a0241%22,%22dfb53910-b5a1-11eb-925f-352833ccc7ea%22,%222b87e450-b34a-11eb-abee-03f5385d5ff5%22,%2242b9bb30-b7b6-11e9-96d3-6195e13c2fd4%22,%226e8ae520-b428-11eb-875b-7746cbd8ec2f%22,%227f93bc80-b3f5-11eb-bfa9-6d75d86756d2%22,%22b0a61680-b420-11eb-84fb-6f574c5dc335%22,%2232608ea0-b262-11eb-9664-8bedfda48389%22,%226597b8c0-b41f-11eb-8d21-55e545bfcd50%22,%22731cc630-b360-11eb-a21b-751ed1246604%22,%22a40845a0-b33b-11eb-8284-272359f31f7c%22,%224d353180-b31c-11eb-b2f2-a9b0dc1a9d89%22]
Protocol: H2
Server: 2600:9000:20eb:6e00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 16 May 2021 21:49:40 GMT
x-amzn-requestid: 40a9f4cb-a429-4084-bb28-cbb48d981193
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token
x-amz-apigw-id: fcP6LHXcoAMFgLA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront), 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1 FRA2-C1
x-cache: Miss from cloudfront
x-amz-cf-id: NJ26hEkSeYjbLXciStzIy4u9GPzhsJeDCsOZW0AIqolVS-qGxwlpaQ==

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 296ms
296ms Preflight
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 16 May 2021 21:49:40 GMT
x-amzn-requestid: 498931e7-952e-4739-abd6-172ff92c607a
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fcP6KESxoAMFtOg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: xgJUnyK80_sCyjHBrL6zkWZulbrU963fPm_JDKTzHDA0bGusqPia4w==

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 310ms
292ms Preflight
application/json 2600:9000:2156:e800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:2156:e800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Sun, 16 May 2021 21:49:40 GMT
x-amzn-requestid: 2fee2124-89ec-48bc-b150-d4ec9d19daa4
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fcP6LG1RoAMFccQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront), 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2 FRA50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: l6EbnsUeOUILDnc7n3k_4otrUE8LynCdNJ9_3C3xu_VWWBKsKSUPFw==

GET
H2 200 para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json Show response
json.gazetadopovo.com.br/republica/ 25 KB
7 KB 68ms
35ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75357fd177a0be860b0bae619682348a1b9bde0f8e2ed53fb68f44fdd3a33438

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5177a8d0c220b4f3e830bcbb1f22e407"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 19:50:56 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Nsvm7cY77BvStjU9lq2uA375BFQRrlGWfON7NcsJj973d-4ZEzlvbA==

GET
H2 200 bolsonaro-diz-que-sem-voto-impresso-fraude-levara-lula-a-presidencia.json Show response
json.gazetadopovo.com.br/republica/ 18 KB
5 KB 74ms
42ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/bolsonaro-diz-que-sem-voto-impresso-fraude-levara-lula-a-presidencia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 799f8acff99b00be4f8b088e70a74a90363be8948760360a5f848b3c1cf2de19

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3914a75fdf6cd3fbab5b9ea21e1c3b8c"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 22:00:46 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 0Ar1q7F7J0JoLUNzfyel-HgtbuivVD9mmRwBn89VB6KjZ1e8a8_hlA==

GET
H2 200 bruno-covas-prefeito-de-sao-paulo-morre-de-cancer.json Show response
json.gazetadopovo.com.br/republica/ 17 KB
4 KB 72ms
41ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/bruno-covas-prefeito-de-sao-paulo-morre-de-cancer.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e7dc002385b9ba6e6d5535dc6819e1366acb49d4811ded8f58372572a9ee14b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"2375c2cfbd6931419f6b7b033c7e703b"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:24:22 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 9n5RBZd52riDo1URwpoEM-BVNHHzkuu1Z7QAwYuBZmKzWALVH7Sqjg==

GET
H2 200 morte-do-prefeito-bruno-covas-repercute-entre-politicos.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 59ms
28ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/morte-do-prefeito-bruno-covas-repercute-entre-politicos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 084a30fe8daf555b90f52e77a10c0087539fbb9b590d78c2228af4b4a41ce102

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a772676455e4122bec15328424dc43f8"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:39:23 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QpmNtOalYNn8k12o7PSyExWG__zgwWivfz_mdwwTGpuFYzGXJGwaUw==

GET
H2 200 bolsonaro-presta-solidariedade-a-familia-de-bruno-covas.json Show response
json.gazetadopovo.com.br/republica/breves/ 18 KB
4 KB 79ms
48ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/bolsonaro-presta-solidariedade-a-familia-de-bruno-covas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 415d3d6cda5346ac9664eeb468920085fd2910508651ea3b93f77b8137d93293

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1e741e579f01e2da62b136eae285081d"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 20:18:18 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: K9Rb1tYvjJe2xR235jpXUjr47RnjriM2OHGeeETQRnm3RJ6gipp3mw==

GET
H2 200 morte-de-bruno-covas-odio-politico.json Show response
json.gazetadopovo.com.br/vozes/diogo-schelp/ 64 KB
9 KB 64ms
34ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/diogo-schelp/morte-de-bruno-covas-odio-politico.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d9513f328a32e8228fb91dcfd1aba8668faa83864292fee0c9f8cd0dfe736f1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"11546dbbd6d3264b8c25e75a238c257d"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 17:13:57 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: fmDBTJ_UEc6LpIH3N0wBMOmjzRmcBi7-vOO18_ZjXDstCngNn3K7Tw==

GET
H2 200 quem-e-ricardo-nunes-vice-de-bruno-covas-que-vai-assumir-prefeitura.json Show response
json.gazetadopovo.com.br/republica/ 14 KB
4 KB 43ms
13ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/quem-e-ricardo-nunes-vice-de-bruno-covas-que-vai-assumir-prefeitura.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ab3cdcdd5a48379783757d3ea93f0fea27bf0a101deaa60129dfd9603f3f6f9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ae2ef194553f61e80ce6edb07132ef92"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 14:37:11 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: zyC5OTv2dKR0G0vyXy-P2S1rnsyxnFuTMWOmb3bMXCzsLDDE0OCIrw==

GET
H2 200 diretriz-para-uso-de-mascaras-nos-eua-causa-confusao-e-autoridades-reagem.json Show response
json.gazetadopovo.com.br/mundo/ 19 KB
4 KB 59ms
30ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/diretriz-para-uso-de-mascaras-nos-eua-causa-confusao-e-autoridades-reagem.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10b80e7cd4c70895709c9987f8fc05b10a23ea7d1c310c0aa9cf9a8c4ce8b8b6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:45:43 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 236
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 21:24:34 GMT
server: AmazonS3
etag: W/"f7d91a85d26c01be576e3c879a0682f3"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: 8nbmBflu48j1CVZkuyil9ceeSlmbVU2pplqk_9YoTQ2VU8YE7tqK1w==

GET
H2 200 carta-science-narrativa-origem-covid-teoria-vazamento-laboratorio.json Show response
json.gazetadopovo.com.br/mundo/ 34 KB
7 KB 69ms
40ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/carta-science-narrativa-origem-covid-teoria-vazamento-laboratorio.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afddb6162cf876aa5b7f7824c3815df516b449fe43599a38284a13205b9e9945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"257f935758d8d127352db9f2d7d816c6"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:04:12 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: tE7mj-HTPCeuC9m3gruqH774msSwwnsRpY2pVGdHckXsTtUPWApt6A==

GET
H2 200 gaza-israel-palestina-conflito.json Show response
json.gazetadopovo.com.br/mundo/breves/ 12 KB
3 KB 57ms
29ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/breves/gaza-israel-palestina-conflito.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfacb2f0a22d6ae61e4f69d09f6cc537af8a2b0d0cd9174cd56cab2d3c494258

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"cc2100a9e8f29886cc1f4b53c01796f5"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 17:49:50 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: EXHnyjrTjcVPS8Su8EFU8TI8bavWGkZhy2DB95tGaN-DTACL3EncyQ==

GET
H2 200 educacao-5-0-e-real-e-acontece-agora-mas-o-que-muda-no-processo-de-aprendizagem.json Show response
json.gazetadopovo.com.br/conteudo-publicitario/beetools/ 92 KB
14 KB 58ms
30ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/conteudo-publicitario/beetools/educacao-5-0-e-real-e-acontece-agora-mas-o-que-muda-no-processo-de-aprendizagem.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 594927cc7f7801fa5a2f6c00b40b7925e0bfe294377b500b24b76f66acf67b17

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d15c61701911dadbe2e285c80e0e6924"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:28:38 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: femKvdWSfooPFFh-1njzsMjMBFjgJbzdOxU8na-YTxL7-QgqU_xY0g==

GET
H2 200 thais-possati-de-souza.json Show response
json.gazetadopovo.com.br/vozes/guilherme-fiuza/ 62 KB
9 KB 69ms
42ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-fiuza/thais-possati-de-souza.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfa8ee7bbc328e0f87bcb927046f16b786b9aba3c37d8ce90db6a85d53b1499

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0e07eb5598e43eb06d4eb8c379b2a787"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 19:31:12 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: tIKkrn6tACh6FQLpzEJEQY1SZ6PhUmoA_J6apENN7FNPsBpJixdxpg==

GET
H2 200 thais-possati-de-souza.json Show response
json.gazetadopovo.com.br/vozes/guilherme-fiuza/ 62 KB
9 KB 63ms
36ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-fiuza/thais-possati-de-souza.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfa8ee7bbc328e0f87bcb927046f16b786b9aba3c37d8ce90db6a85d53b1499

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0e07eb5598e43eb06d4eb8c379b2a787"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 19:31:12 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: uw2zKhxvru3lGlf98HBsSNjxMDSu3OsQGA58fmpiqs50cYa-TioFNQ==

GET
H2 200 bispos-da-igreja-universal-expulsos-de-angola-um-caso-para-o-brasil-europa-e-o-mundo-se-pronunciarem.json Show response
json.gazetadopovo.com.br/vozes/cronicas-de-um-estado-laico/ 79 KB
12 KB 70ms
44ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cronicas-de-um-estado-laico/bispos-da-igreja-universal-expulsos-de-angola-um-caso-para-o-brasil-europa-e-o-mundo-se-pronunciarem.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e18ea6cd9278f2ecfcc5d3bc2f7404d8fb485d1d04e0caed95bd8f1906f6c84

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"88287a28476145273bd981ee3b582401"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 23:17:44 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: R-3M17NN9nQOO-GkKVGEzKAvO9V4UwAI5azeoaj7PkX5TMsvVMSH-g==

GET
H2 200 bispos-da-igreja-universal-expulsos-de-angola-um-caso-para-o-brasil-europa-e-o-mundo-se-pronunciarem.json Show response
json.gazetadopovo.com.br/vozes/cronicas-de-um-estado-laico/ 79 KB
12 KB 63ms
36ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cronicas-de-um-estado-laico/bispos-da-igreja-universal-expulsos-de-angola-um-caso-para-o-brasil-europa-e-o-mundo-se-pronunciarem.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e18ea6cd9278f2ecfcc5d3bc2f7404d8fb485d1d04e0caed95bd8f1906f6c84

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"88287a28476145273bd981ee3b582401"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 23:17:44 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: g8S7mJqaFO_2Pl1k8DjsORp7rXTAvqUh0i3g7MkNI21ucPnZ-IyB9w==

GET
H2 200 entrevista-yago-martins-religiao-do-bolsonarismo.json Show response
json.gazetadopovo.com.br/vozes/guilherme-de-carvalho/ 91 KB
17 KB 73ms
47ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-de-carvalho/entrevista-yago-martins-religiao-do-bolsonarismo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257e248eca91e6f6f570cf1c9793dc0f56a6f55b3178a34fbb9d2a3c4b611a7e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"329910324e9f418a111659bc254f1156"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 22:53:28 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: PVY128EZoT6NyVrqfIIlxa75IyUQvx52biYNav0p_uzhE97kcUgHpg==

GET
H2 200 entrevista-yago-martins-religiao-do-bolsonarismo.json Show response
json.gazetadopovo.com.br/vozes/guilherme-de-carvalho/ 91 KB
17 KB 63ms
37ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-de-carvalho/entrevista-yago-martins-religiao-do-bolsonarismo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257e248eca91e6f6f570cf1c9793dc0f56a6f55b3178a34fbb9d2a3c4b611a7e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"329910324e9f418a111659bc254f1156"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 22:53:28 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: TJbeTEt5J-aknDiJHZvbBu3L54PI8nvQxyDtW-5O0q3wSBY1JSMauw==

GET
H2 200 o-inebriante-populismo-vacinal.json Show response
json.gazetadopovo.com.br/vozes/leonardo-coutinho/ 71 KB
12 KB 73ms
48ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/leonardo-coutinho/o-inebriante-populismo-vacinal.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24f0d391fc42b6c6f6a1fa1567ee52db3c2f242219e28c2075e1077ece6322e6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5b99f8edaa19d6515df09ccad209fa67"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:08:52 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: hANR4CrSGb_z_BAQKpHOfe1W1WXMI2oetycg9OgOjp3mul2lgqKlBw==

GET
H2 200 o-inebriante-populismo-vacinal.json Show response
json.gazetadopovo.com.br/vozes/leonardo-coutinho/ 71 KB
12 KB 65ms
39ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/leonardo-coutinho/o-inebriante-populismo-vacinal.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24f0d391fc42b6c6f6a1fa1567ee52db3c2f242219e28c2075e1077ece6322e6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5b99f8edaa19d6515df09ccad209fa67"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:08:52 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QU9I0B_s0G2kR1P54w9Ir6jR4WcILPEud8Y2SQ9l6rvzkvuN-C2_lg==

GET
H2 200 um-retrato-devastador-da-politica-do-filho-unico-na-china.json Show response
json.gazetadopovo.com.br/vozes/luciano-trigo/ 63 KB
9 KB 77ms
52ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/luciano-trigo/um-retrato-devastador-da-politica-do-filho-unico-na-china.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f13b209918edf848cea5fbeb22c615096e37b9496c3e320dcb03c01e8579460

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7e2ab5d1a3cc5c9d48b470fa521028d3"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 18:07:35 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ySqUzm_CjbwVWu4G_6jYO-9bImb_G-xKxL0MZKuEpzMyUVP3dh_npA==

GET
H2 200 um-retrato-devastador-da-politica-do-filho-unico-na-china.json Show response
json.gazetadopovo.com.br/vozes/luciano-trigo/ 63 KB
9 KB 66ms
41ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/luciano-trigo/um-retrato-devastador-da-politica-do-filho-unico-na-china.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f13b209918edf848cea5fbeb22c615096e37b9496c3e320dcb03c01e8579460

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7e2ab5d1a3cc5c9d48b470fa521028d3"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 18:07:35 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: O-cXE_ratZO9E69-rQptiif16AAVv30hydfOEgOKN0ulJors_vTvLw==

GET
H2 200 cronica-roberto-gomes-escritor-catarinense.json Show response
json.gazetadopovo.com.br/vozes/jose-carlos-fernandes/ 71 KB
10 KB 82ms
58ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/jose-carlos-fernandes/cronica-roberto-gomes-escritor-catarinense.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fe89f2808067c83efad60379d2073b419ebcfdcffe5a87b7738a4530a11694f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d5f6ca54cbefeb7b93b7cbb50fe0deb5"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 16:22:49 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: SjWTmEvwkXGG5RZGWWvpdtegc6cekG7Ccr_3iJRgfSYcN23UbAPJbg==

GET
H2 200 cronica-roberto-gomes-escritor-catarinense.json Show response
json.gazetadopovo.com.br/vozes/jose-carlos-fernandes/ 71 KB
10 KB 67ms
43ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/jose-carlos-fernandes/cronica-roberto-gomes-escritor-catarinense.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fe89f2808067c83efad60379d2073b419ebcfdcffe5a87b7738a4530a11694f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d5f6ca54cbefeb7b93b7cbb50fe0deb5"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 16:22:49 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: vU-mS1lHiXwvGtwtj1tUo7iZX2-8y6wfgqxJWS34NuJ-ZUOW08I_uQ==

GET
H2 200 israel-duas-pessoas-morrem-incluindo-menino-de-12-anos-em-acidente-em-sinagoga.json Show response
json.gazetadopovo.com.br/mundo/breves/ 12 KB
3 KB 78ms
54ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/breves/israel-duas-pessoas-morrem-incluindo-menino-de-12-anos-em-acidente-em-sinagoga.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e876a4fb7d47dd96c0fd393614e4f589730f6c40a1c0f4fa9e4ad060a0e933f3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3ba01a27bb1f3e0b1da03d08cf35a057"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 20:25:39 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: FzAhUQtDYLCnX39jQKsEdiAUzkYaS1vrSvZWp0NPPyVMMEhOqNhyew==

GET
H2 200 lava-jato-frente-congresso-mobilizacao-contra-corrupcao.json Show response
json.gazetadopovo.com.br/republica/ 28 KB
8 KB 76ms
53ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-frente-congresso-mobilizacao-contra-corrupcao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 260f5169d3ec2afa29bc51f1347e56b0346aff042efba4ef58f919d1d5010e58

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"02fc310d77d2f3f154cd0baa41a53fac"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:13:20 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: YEPEsILpl0KDjW2od_gE0nfvoOngcIm2IKkGa5QEkei36EcBLcrKAw==

GET
H2 200 mises-e-o-congelamento-dos-alugueis-as-licoes-que-a-america-latina-teima-em-nao-aprender.json Show response
json.gazetadopovo.com.br/opiniao/artigos/ 21 KB
6 KB 76ms
53ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/opiniao/artigos/mises-e-o-congelamento-dos-alugueis-as-licoes-que-a-america-latina-teima-em-nao-aprender.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52f9ada7b17f9abdd7b8c5e55014236a3f52414de83aebfb06e822fee964f85b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c4294e60b1e530ac2511a618fa20891e"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 01:51:14 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 8nVIqbG_Wh2ZlbGevnHg-FlDXJ-zoHCjIrZoCi2srtRvKM-5B74M1A==

GET
H2 200 novo-indexador-para-alugueis-uma-proposta-coerente.json Show response
json.gazetadopovo.com.br/opiniao/artigos/ 27 KB
5 KB 77ms
54ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/opiniao/artigos/novo-indexador-para-alugueis-uma-proposta-coerente.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7de285ddb8303edfaa1f0f56dc6b862b1721ce63d865f1174670b71d3adea18d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e627cfc7a297f5df4f270f1359d03d78"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 02:02:27 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: A_GtTs7ijoAf6ZY4Ju7ADzEMZJMYpAb5qw518sums9mhkHFsC7iRAQ==

OPTIONS
H2 200 /
www.umdoisesportes.com.br/cookie-exchanger/ Frame 0
0 321ms
282ms Preflight
application/json 2600:9000:2156:7600:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:2156:7600:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Sun, 16 May 2021 21:49:40 GMT
x-amzn-requestid: 6fddbf43-a245-4c14-828d-9fb475e8164d
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fcP6LF2poAMFY4w=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront), 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2 FRA50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: FrIqZZDJvj9uBrvAHxnyIeYhsXG5DRy15lw9JUtf614p51yEy_SICQ==

GET
H2 200 boletim-coronavirus-parana-16-05-21.json Show response
json.gazetadopovo.com.br/parana/breves/ 15 KB
4 KB 77ms
54ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/boletim-coronavirus-parana-16-05-21.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f15c359d8e7e5831725c38fd397e6e065fccd867dc06dab8d92ea86ebc145880

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8ff02f06e674244f116ab5569f86ab3e"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 19:43:21 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 6DKayXS43CWRgPiR-JxFREb0s-iuvnDJrXuCdfhq98u4lwmy5EtzPA==

GET
H2 200 morte-paulo-affonso-grotzner-aos-95-anos.json Show response
json.gazetadopovo.com.br/parana/ 25 KB
6 KB 77ms
55ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/morte-paulo-affonso-grotzner-aos-95-anos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b46989efe6f677f60e6910de647de787ea36f57517abf351de67f89f9dc9ba84

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1c88b5a64272457a24ba7f993424b23b"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:19:27 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: tqNazQOh2UfMzB3co5A1b8dDuN8O51NCnw-prt1NViFXJ3sHRjeOGQ==

GET
H2 200 policia-busca-serial-killer-pr-e-sc.json Show response
json.gazetadopovo.com.br/parana/breves/ 19 KB
4 KB 80ms
58ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/policia-busca-serial-killer-pr-e-sc.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36d0b988fad57022324f75a6441b77cbf9f687684931fb7282314095d4128cb7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c735aa59c55fabef77edf0da782b8b70"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 20:56:08 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QWJyfKKZhaZGpTJFgHuyT6MJukXLvNZ2su847oMs7yQqTIaZR68VxQ==

GET
H2 200 o-telhado-cultural-da-arte-curitibana.json Show response
json.gazetadopovo.com.br/vozes/dante-mendonca/ 63 KB
9 KB 91ms
70ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/dante-mendonca/o-telhado-cultural-da-arte-curitibana.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3329fb41f79ed8fd473619f800f8e50bc5d963bb5ac6b0756269f04968f6c583

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"88d87021c57a1f1f7b6b70c5ab00f3f5"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 18:32:34 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: LthD6mJCbuilyRqSB25p8_ocUh19CUQRIgWW0foq5W6gyaQrRNEmfQ==

GET
H2 200 maior-evento-de-cultura-pop-do-parana-shinobis-inspira-novo-pub-em-curitiba.json Show response
json.gazetadopovo.com.br/bomgourmet/restaurantes/ 45 KB
6 KB 80ms
58ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/bomgourmet/restaurantes/maior-evento-de-cultura-pop-do-parana-shinobis-inspira-novo-pub-em-curitiba.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b38065a8a615b27ff55c26bbfb89b64e77bf9deed8a485add3669754ad9307

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f601b36cc678ad6c9ae0dfa358dad611"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:49:06 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: X14mN4FxHBlkg8QuPWN2eug80Dnr5bJjNvROfpWJYtX1IM4GT1LTHw==

GET morinigo-eliminacao-coritiba.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/ 0
0

GET coritiba-eliminado-paranaense-desastre.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/ 0
0

GET follador-e-o-perigoso-costume-da-derrota-no-coritiba.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/ 0
0

GET lazaroni-admite-oscilacao-no-estadual-e-projeta-mata-mata-equilibrio-e-estrategia.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/ 0
0

GET parana-clube-athletico-jogo-quarta-feira-maurilio.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/ 0
0

GET parana-coritiba-provocacao-paranaense.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/ 0
0

GET fpf-muda-data-de-jogo-de-volta-de-athletico-e-parana-na-arena.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/ 0
0

GET
H2 200 luiza-trajano-abre-maratona-inovacao-social-hackacom.json Show response
json.gazetadopovo.com.br/gazz-conecta/ 25 KB
5 KB 81ms
62ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/gazz-conecta/luiza-trajano-abre-maratona-inovacao-social-hackacom.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1415f02c06c03be689f6066bccda8f184d97a088f41e4d088e3f7d371ac79d16

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7694aed7eeea115abc30056de92b1326"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:14:39 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ubdVTRRmW7ghPWaUcPmHGGOR-n8W0uc8URaAAjiosFNle9W6iDLPHg==

GET
H2 200 as-fraudes-milionarias-no-mundo-dos-vinhos.json Show response
json.gazetadopovo.com.br/vozes/notas-baquicas/ 76 KB
10 KB 80ms
61ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/notas-baquicas/as-fraudes-milionarias-no-mundo-dos-vinhos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daab4d839ebb17136ea284ef731da4edc5d43196a2426ce0b54993a571829dce

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"919837e63d75d06e86011de15b38eb6f"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 18:38:31 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ch6LfOgGetvDdX1ZhP66p5HxUjnwPxca2zyhXUgmKp9GXFV_ChrrWw==

GET
H2 200 chile-realiza-segundo-dia-de-eleicoes-para-assembleia-constituinte.json Show response
json.gazetadopovo.com.br/mundo/ 12 KB
3 KB 81ms
62ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/chile-realiza-segundo-dia-de-eleicoes-para-assembleia-constituinte.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bf086183b464af1ae432062d10d38133a39eb3f57ab3e9d5108d0c074880f11

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3c6758dd9bf5d0dff38abb27d4473ec5"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 20:41:50 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: l9wYw8eucNNcyAf_T3C0Zxj3mSA1JA-BaNcryvJ_Se7Liu8Jj8cJHA==

GET
H2 200 nosso-luto-seletivo.json Show response
json.gazetadopovo.com.br/opiniao/artigos/ 25 KB
6 KB 80ms
62ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/opiniao/artigos/nosso-luto-seletivo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 372694fc771ab17fa97cee300de1f8a0f6daf776a801c4f06ae247b4a029fa55

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"59f008ac407815df7f54c769589772eb"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 01:53:23 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: EVQVS4JrBI7gqY_Fvu_I9CzZXZbEmRi3G2IotZvQQ2mh9pDaTGIhtQ==

GET
H2 200 morre-atriz-eva-wilma.json Show response
json.gazetadopovo.com.br/cultura/ 12 KB
4 KB 84ms
66ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/cultura/morre-atriz-eva-wilma.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 583cbcd535fd209324804675a70beb8933a7c0204ad87b19b4b286992b4c336a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6c6cae98a6952ad20e1a17e6270ef8c2"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 14:46:37 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: u3K8JW4rFPoFHC3j--jmNvCiPD4KqlnSiDLNmSKAucwiOMN4wW74hQ==

GET
H2 200 o-papo-e-26-a-cpi-da-covid-e-um-palanque-para-2022.json Show response
json.gazetadopovo.com.br/ideias/ 12 KB
3 KB 88ms
71ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/o-papo-e-26-a-cpi-da-covid-e-um-palanque-para-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1804ab7f6b042a6d9119277c61a7eaf3b9f3bb557e671327e41f91c877403231

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"72d05196576dae279b405134adc04c0e"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 19:05:38 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: EyrVf92xpUxWP9xovZ7sVHQt-ewtvKhqD6BZeV4pH0ZXt762dZvCow==

GET
H2 200 classico-nada-e-para-sempre-oferece-oportunidade-de-contemplacao.json Show response
json.gazetadopovo.com.br/ideias/ 17 KB
5 KB 88ms
70ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/classico-nada-e-para-sempre-oferece-oportunidade-de-contemplacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd8c8c0ff19c7335a9b34a9fab5afcbcd2cdbb6d877af2c45f143ae077d33df4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5250dece9a745331c3ab5e9535205ba7"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Jun 2020 19:11:13 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: XSmJ-RX8PyzZw23WzSWMPh2KErGNfc68IOAzrS8HVkVWk_0Q61P0Xw==

GET
H2 200 que-fim-levou-jose-geraldo-vieira.json Show response
json.gazetadopovo.com.br/ideias/ 25 KB
9 KB 88ms
71ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/que-fim-levou-jose-geraldo-vieira.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 898e426c0d1434a9d1fb208183fb15a3de3901e461ad8c5703d244882534c7e3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b940d542100589d33b0233290224480b"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:54:22 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: qMdXWJi8_DYhTsk8nKjwLvqK4QHnT64r3so2kDvNFRHYcOwHZ87hSw==

GET
H2 200 corrupcao-felicidade.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 64 KB
10 KB 90ms
73ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/corrupcao-felicidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a5e3e9baab3ea602b9382fa4aab3b061d77b2604006c72813282b281ae99d2e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9f36fcaf6c67fb23dcc2242acf8f6663"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:47:21 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: WToAZfLaQjfbM6_PxLcDF3Ggi3FGXN1POkBGWkaCZ-__vwxrffqRng==

GET
H2 200 elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional.json Show response
www.semprefamilia.com.br/json/virtudes-e-valores/ 19 KB
20 KB 464ms
388ms XHR
application/json 2600:9000:2156:e800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/virtudes-e-valores/elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2800e16d65493613d8ace6e0b8ed53877c7ac7d038fd1a78117f3778cdc27d86

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
etag: "22dce81314211437a42300cf7632675a"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 19553
last-modified: Sun, 16 May 2021 18:18:38 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:41 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: 7b-p30XLWv2YpAE0DlIeJA8bx6bhZppSJwm5coWRv0cj6o5rV3By8w==

GET
H2 200 uma-infancia-cercada-de-carinho-e-a-chave-para-um-casamento-duradouro.json Show response
www.semprefamilia.com.br/json/ 10 KB
10 KB 465ms
389ms XHR
application/json 2600:9000:2156:e800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/uma-infancia-cercada-de-carinho-e-a-chave-para-um-casamento-duradouro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4083aa0dd380a5939e813fea913a50fb1d5402cfc89fbd3316799bae34cc5e6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
etag: "36c2858681f294e6669b56ebf981e532"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 10112
last-modified: Mon, 16 Dec 2019 04:44:14 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:41 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: bwkxO0nznq-Qn8XsoKm-fT-XzQBFwBILfGnnqhy-V7iWp0Cav_i8bA==

GET
H2 200 filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema.json Show response
www.semprefamilia.com.br/json/saude/ 27 KB
27 KB 469ms
393ms XHR
application/json 2600:9000:2156:e800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c4dc3ebff73ec456fba2022af98851c463a45f1eb090dd9b02ec234bae39408

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
etag: "53ca384b4a510359b966cde7a008eccb"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 27138
last-modified: Sat, 15 May 2021 17:21:02 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:41 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: irdZ7bgTrmo9BgD0SoX79s6RrO_buKZd4JN3qu-LnRydK1PWLc3t6w==

GET
H2 200 e-tempo-de-fazer-geleia-de-laranja.json Show response
json.gazetadopovo.com.br/vozes/vosso-blog-de-comida/ 77 KB
10 KB 78ms
63ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/vosso-blog-de-comida/e-tempo-de-fazer-geleia-de-laranja.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5f899be7fac4078a0488684439d1224652ca9123fc8adae8d7718933e5dd873

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"dd4d2ce8e39503c9300405b7a4c53430"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 22:28:42 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: UbnW4qH3ZxvfZNGfqHXiRgCbTIuOM1u80rydUZOsEqSFDUoeyF6IjQ==

GET
H2 200 nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade.json Show response
www.semprefamilia.com.br/json/saude/ 20 KB
21 KB 468ms
393ms XHR
application/json 2600:9000:2156:e800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d6fe15fe35d33f37ea9711b85b071960d8aff36e275f19b4c2463143a1715cc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
etag: "525fcfaaa899b04395aa1c8da3c52a5f"
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 20873
last-modified: Fri, 14 May 2021 12:27:45 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:41 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: eJy6jIP-z1_4sJx4mOigdxitnsxhbSIg_rTOS_H2OgV8i_mINOzsqw==

GET
H2 200 lava-jato-maos-limpas.json Show response
json.gazetadopovo.com.br/republica/ 19 KB
5 KB 80ms
65ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-maos-limpas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47bb2760890a290ad550e791686a1d9648d2e398eb8342869819bbf68c3ae458

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3f4eb87506ca1625f91c4b76a023d6af"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 18:16:06 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: rBDI8Qp07lu946ClLF8hOiYiK1S6wA9JPy3l43-86WQW3D8yoO6NEA==

GET
H2 200 ideias-198-era-das-trevas-a-verdadeira-historia-da-iluminada-idade-media.json Show response
json.gazetadopovo.com.br/ideias/ 14 KB
3 KB 80ms
66ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/ideias-198-era-das-trevas-a-verdadeira-historia-da-iluminada-idade-media.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7f3f11c7dc946d768710ef63ab41344d69f8112d19123c346d3f56fcc95e1b5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"794a24fe1498df04f2ed24e07c3f9021"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:18:52 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 3xvic7kj8w3piPLYL9tzTkwqH6BuTQENkizVlPPLVJmWN8wIqXT9SA==

GET
H2 200 lava-jato-stf-congresso-contra-ataque.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 72ms
58ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-stf-congresso-contra-ataque.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acd98206b576b8f71d5f658eba383fe662814156290ab60c56f9e63935df618f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1396c90ebbe44657c5740335cb7e4f46"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 14:14:16 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: rxvLDy864iMaJGpZzsHO-g_ZCDr4h7KrJlaaZsmEPwEEZDPL80l8UA==

GET
H2 200 quarentena-cult-50-o-tigre-branco-mostra-a-ascensao-financeira-num-mundo-sem-moral.json Show response
json.gazetadopovo.com.br/ideias/ 14 KB
3 KB 75ms
61ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/quarentena-cult-50-o-tigre-branco-mostra-a-ascensao-financeira-num-mundo-sem-moral.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6437fefcd5a8ed1fc150bcb0cb5beeea3dc6346a68b2bcb773a6efe0ca95265a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c7d11cf5ec1546c6c778ce99d60e4ea8"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:28:49 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: X8HvAsaViTyyRTXZujAwkmKzqXP5C4pmf4BsVm0eMx4eGhW_VehqMA==

GET
H2 200 lula-lava-jato-operacao-historia.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 73ms
59ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lula-lava-jato-operacao-historia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10ebb3e0760ada317a54cba370a08d133552db2caee5b7e6acf4f52a641eecc1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7948ed8bdcb7e206658bc677bbb05c5a"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 19:33:25 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QMndv_OTqLTfL_zIIrrbIrjUcN3vRBGmSeOmJ9KXrgNsBHRnk8d8gg==

GET
H2 200 produzir-insumos-para-vacina-contra-a-covid-19.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 78ms
65ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/produzir-insumos-para-vacina-contra-a-covid-19.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c45936acb85087e8a5ae92fc4ebc184e7d08ed6227541427a3bb62caa9b2922

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4ebf1d9173ac9dbe78f7507f160db0c1"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:14:11 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: zMxfbFAs4YtHBmo349bfyD0qvDBhgkU9eV8b2PBRxlALy-NvpxIkRg==

GET
H2 200 defesa-da-vida-jovens-se-unem-para-salvar-bebes-da-cultura-do-aborto.json Show response
json.gazetadopovo.com.br/vozes/cristina-graeml/ 78 KB
13 KB 71ms
59ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cristina-graeml/defesa-da-vida-jovens-se-unem-para-salvar-bebes-da-cultura-do-aborto.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c616bb9626ceeb878247763ff72103e1ffe8d7c43cf7dc7e7442d3b0d4d0cec4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"dd19cddb437fd23f5f5b9c516c07637e"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:44:51 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: _PVZu4KBH8hXIqe4fYjnB-rUjLiJVstYsrgY7JegpHDeRsiB-Rci7w==

GET
H2 200 lula-x-bolsonaro-um-pais-dividido.json Show response
json.gazetadopovo.com.br/vozes/alexandre-borges/ 58 KB
8 KB 77ms
66ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-borges/lula-x-bolsonaro-um-pais-dividido.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6d5c75ef2890b569b6f795bead913ea2b87ee173cfb7547af76d543b1d46757

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9b3e42227f5de16855758ce85d7656d2"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 16:03:51 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: u5yAbMnh-AmyBmp2H80281v1nIaB73VkB26bwbDfTpJIwxYxJ8LXow==

GET
H2 200 o-que-explica-a-briga-interna-no-mercosul.json Show response
json.gazetadopovo.com.br/republica/ 21 KB
4 KB 78ms
67ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/o-que-explica-a-briga-interna-no-mercosul.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a21525f3b01371cf5cd313f733dee7148a4c0d9fe7126384aed6fa3aeb9b0c29

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"12e437155dac6bd985d95e96df6a4825"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 12:19:31 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: JoLk-2Q3JU-ivNc9-qw_syyq0BixmbkRStN-jrNBd7LeBvZCwV9Bow==

GET
H2 200 pandemia-estrategia-negocios-impacto-empresas-pwc.json Show response
json.gazetadopovo.com.br/economia/ 21 KB
6 KB 78ms
67ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/pandemia-estrategia-negocios-impacto-empresas-pwc.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c6c115c8cb89663ef2f715c1d5112030c1abe8edc74e379e14b5d10d25da762

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"543e2f55d1d554bc6dc255e3798dfd1a"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 20:37:45 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: nTTSE-fRovG2cNYESnlZhKpU_9znnjbfDx4w-1fLZnSDwOpN6--hSA==

GET
H2 200 psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json Show response
json.gazetadopovo.com.br/republica/ 37 KB
8 KB 78ms
67ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa5d27ff3927dafe72c819b5f15d21bbf901671d26c07ac9d32da23e31f83e4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"010e76d5e11a991f0f26f0df272a845e"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:26:21 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: AbLj-UPyM8UiH1GaWU4nlkCscztiO9mdi5CRnboNo8uzmhw-q20mkg==

GET
H2 200 8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json Show response
json.gazetadopovo.com.br/economia/ 27 KB
7 KB 81ms
70ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51ebbcc0d1032e80874c0b1445b0a5e091e4706b7d2637e0ebbd315e7d90c718

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c01083234971bd52dbd95edca4736617"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 23:03:25 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 6KwiozMvuBn9ICO_Wk2-jRR1N16YxoB3Tcb04eSChxFfFw5Btgj98A==

GET
H2 200 texto-unico-fatiado-rumos-reforma-tributaria-congresso.json Show response
json.gazetadopovo.com.br/economia/ 29 KB
7 KB 80ms
69ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/texto-unico-fatiado-rumos-reforma-tributaria-congresso.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59df371bf5a3fe381933993836f515e64c8b8f0b0d81b04a417c645700b6d369

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"015495f22ec0beb9be3c411ca8b0f723"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 10:50:06 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: HVms9h_KFNqMUYq7f00HZilddqS7cXdkfEpRQvQmAJmnwKaMST9etA==

GET cxense.json
apps.gazetadopovo.com.br/cxense/ 0
0

GET
H2 200 / Show response
comments.gazetadopovo.com.br/content/count/comments/ 2 KB
3 KB 132ms
132ms XHR
application/json 2600:9000:20eb:6e00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%22fb8c2660-b67f-11eb-8a66-8b895adc0e56%22,%2282bafab0-b646-11eb-9e77-a51b60cdde5f%22,%22a7cc0880-b669-11eb-9df5-1189978eb9e8%22,%22111c3f80-b68d-11eb-ba23-090df87586fb%22,%229e65fee0-b5d8-11eb-9ae7-81ff5f94a672%22,%2212546d00-b66f-11eb-aead-f51e255a0241%22,%220f57f1d0-b4ee-11eb-80a9-d7630b3898f0%22,%228a5b9410-b50a-11eb-be78-3fc0ebe96b48%22,%22cf74a030-b683-11eb-81cd-17bb173e0889%22,%22ca8eff50-b5d6-11eb-8e38-ed45966ef44a%22,%22243fd9b0-b51f-11eb-a288-35b857ad0acb%22,%22ed650fd0-b67e-11eb-8a66-8b895adc0e56%22,%22415aee30-b4e9-11eb-80a9-d7630b3898f0%22,%2217ec0290-b689-11eb-8a66-8b895adc0e56%22,%225fe4ae30-b350-11eb-9e49-ed09bdae7c6a%22,%225a8b8680-b40d-11eb-bb30-f79f95941ede%22,%221e7f7a60-b64d-11eb-ae64-61796228bba6%22,%22f463a480-b64d-11eb-ae64-61796228bba6%22,%224c86bfb0-b5a6-11eb-ac0d-af39e211c5a9%22,%228c327cd0-b650-11eb-9711-55f013ecc167%22,%22ccccfdc0-b4ec-11eb-80a9-d7630b3898f0%22,%223442d490-b351-11eb-9e49-ed09bdae7c6a%22,%2218a419e0-b687-11eb-8a66-8b895adc0e56%22,%22497530d0-b520-11eb-b627-4b8b42c02280%22,%222817d250-b654-11eb-9711-55f013ecc167%22,%22267908f0-b5b0-11eb-9c64-299ebb0272ff%22,%22719b2560-a829-11ea-8690-b7488a9f0453%22,%22f9b9d020-b4fa-11eb-b497-2b2353b9a2f3%22,%2248ad61b0-b4d8-11eb-893d-bfc914b5ec37%22,%22175cbce0-b673-11eb-aead-f51e255a0241%22,%22dfb53910-b5a1-11eb-925f-352833ccc7ea%22,%222b87e450-b34a-11eb-abee-03f5385d5ff5%22,%2242b9bb30-b7b6-11e9-96d3-6195e13c2fd4%22,%226e8ae520-b428-11eb-875b-7746cbd8ec2f%22,%227f93bc80-b3f5-11eb-bfa9-6d75d86756d2%22,%22b0a61680-b420-11eb-84fb-6f574c5dc335%22,%2232608ea0-b262-11eb-9664-8bedfda48389%22,%226597b8c0-b41f-11eb-8d21-55e545bfcd50%22,%22731cc630-b360-11eb-a21b-751ed1246604%22,%22a40845a0-b33b-11eb-8284-272359f31f7c%22,%224d353180-b31c-11eb-b2f2-a9b0dc1a9d89%22]
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6e00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: fa3b29cc8ede1d0564bb91310a0158a7bdc5cb0c422a19a0bc4ec969e28ec0ac

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront), 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
etag: W/"785-XdM3srpiV61puGz36QNal8Nb5nw"
x-amzn-remapped-content-length: 1925
x-amzn-remapped-date: Sun, 16 May 2021 21:49:40 GMT
x-amz-cf-pop: FRA50-C1, FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fcP6MHksIAMFo9Q=
content-length: 1925
x-amzn-requestid: 7ab6d8d9-1caf-4924-94d3-abe491aa98c4
x-amzn-trace-id: Root=1-60a19374-300099056ab1a369584aeea5;Sampled=0
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: 1G1VCX9yZwXdY2Pa5XR4pqXHC0RUGD0GlJRHIRA387UbglloPSzhaA==
x-amzn-remapped-connection: close

GET
H2 200 saiba-agora.json Show response
www.gazetadopovo.com.br/json/ 49 KB
7 KB 25ms
25ms XHR
application/json 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/saiba-agora.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59078f7c727d97970da4b14b4afae140bf681b253721299c6240f41c3a96d5e

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54; _gcl_au=1.1.817852080.1621201778; _gat_UA-23088598-1=1; _hjTLDTest=1; _hjid=a75a0a2b-01e8-466f-a43f-2c9e1e4cb8a8; _hjFirstSeen=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvnfSe2aG0aDehQRDmVR656Khsrg8SWAZ-XmYHGTM83e0vDUzNKF9oX5eGqRNoACSt68fk79v-XRQP4j4wvVJcfiYOFoM1nCPnPe500b0Xqp_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _fbp=fb.2.1621201778320.514499332; __pvi=%7B%22id%22%3A%22v-2021-05-16-23-49-38-107-LO5CbxzyJvgEvrE3-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621201779091%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_TKTID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_LOCCT=PARIS; GPSDK_LOCCY=FRANCE; GPSDK_LOCRG=ILE-DE-FRANCE
:path: /json/saiba-agora.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:45:16 GMT
content-encoding: gzip
last-modified: Sun, 16 May 2021 21:32:55 GMT
server: AmazonS3
age: 264
etag: W/"aafaad1905750b8b91c7a736c250e93f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: VIE50-C2
content-type: application/json
x-amz-cf-id: yzmxKbaDzN3Z6a7IWqBXo_zk4QdMA7J6EFIQ2Lk9cH-YV0ygmz1_yw==

GET
H2 200 mais-lidas.json Show response
www.gazetadopovo.com.br/json/ 1 KB
1010 B 25ms
25ms XHR
application/json 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/mais-lidas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 570650672fa929f98f7cf03d0cbead87398979cb2b59d9dcac8ec9531720426f

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54; _gcl_au=1.1.817852080.1621201778; _gat_UA-23088598-1=1; _hjTLDTest=1; _hjid=a75a0a2b-01e8-466f-a43f-2c9e1e4cb8a8; _hjFirstSeen=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvnfSe2aG0aDehQRDmVR656Khsrg8SWAZ-XmYHGTM83e0vDUzNKF9oX5eGqRNoACSt68fk79v-XRQP4j4wvVJcfiYOFoM1nCPnPe500b0Xqp_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _fbp=fb.2.1621201778320.514499332; __pvi=%7B%22id%22%3A%22v-2021-05-16-23-49-38-107-LO5CbxzyJvgEvrE3-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621201779091%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_TKTID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_LOCCT=PARIS; GPSDK_LOCCY=FRANCE; GPSDK_LOCRG=ILE-DE-FRANCE
:path: /json/mais-lidas.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:45:16 GMT
content-encoding: gzip
last-modified: Sun, 16 May 2021 21:34:50 GMT
server: AmazonS3
age: 264
etag: W/"ef3a97f8248fa99bfd73e9e306d17aa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-type: application/json
x-amz-cf-id: klbmIE5tsRdPuffEVCijYVxsjZPYw0UOyCwOrzgo4rnwujSDlVxwSg==

GET
H2 200 config.json Show response
www.gazetadopovo.com.br/json/ 59 KB
7 KB 51ms
50ms XHR
application/json 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/config.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0071c7a900a92904c5b673d2ae6b025d09a732028ebc2929e089628edbd0c64a

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54; _gcl_au=1.1.817852080.1621201778; _gat_UA-23088598-1=1; _hjTLDTest=1; _hjid=a75a0a2b-01e8-466f-a43f-2c9e1e4cb8a8; _hjFirstSeen=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvnfSe2aG0aDehQRDmVR656Khsrg8SWAZ-XmYHGTM83e0vDUzNKF9oX5eGqRNoACSt68fk79v-XRQP4j4wvVJcfiYOFoM1nCPnPe500b0Xqp_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _fbp=fb.2.1621201778320.514499332; __pvi=%7B%22id%22%3A%22v-2021-05-16-23-49-38-107-LO5CbxzyJvgEvrE3-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621201779091%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_TKTID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_LOCCT=PARIS; GPSDK_LOCCY=FRANCE; GPSDK_LOCRG=ILE-DE-FRANCE
:path: /json/config.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 13 May 2021 21:13:38 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"4daeb589c170de247d95656d19bd392a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
date: Sun, 16 May 2021 21:49:39 GMT
x-amz-cf-id: qzdWLXQSj6Kz9baFwIkLCxcFepnh_9v5b5LrUArAhsN7ZlKMejyYQA==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 157ms
157ms XHR
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: / Express
Resource Hash: 0927026130903cfe48341c0870520b14e5d1a462163b46e253ca4facec2cbf8b

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
etag: W/"4e3-SfPWeoACIEMkI+tlKDXaXNWX6G8"
x-amzn-remapped-content-length: 1251
x-amzn-remapped-date: Sun, 16 May 2021 21:49:40 GMT
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fcP6LGAroAMFrnw=
content-length: 1251
x-amzn-requestid: 02587ed4-7615-4f55-9260-e11a571e52de
x-amzn-trace-id: Root=1-60a19374-4490ac2360d2fb422a95a348;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: sgN68T19z0fIZCETodfzwgAum-n4ShztoOJ3QctE_0Z-0fstdxX64w==
x-amzn-remapped-connection: close

GET
H2 200 reactions-rank.json Show response
www.gazetadopovo.com.br/json/ 11 KB
3 KB 21ms
21ms XHR
application/json 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/reactions-rank.json?_=1621201777805
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82bbbc911bbd4cb4257174aa7fbbbfc19a4e13cce6d5e14c8296d37e4479478b

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54; _gcl_au=1.1.817852080.1621201778; _gat_UA-23088598-1=1; _hjTLDTest=1; _hjid=a75a0a2b-01e8-466f-a43f-2c9e1e4cb8a8; _hjFirstSeen=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvnfSe2aG0aDehQRDmVR656Khsrg8SWAZ-XmYHGTM83e0vDUzNKF9oX5eGqRNoACSt68fk79v-XRQP4j4wvVJcfiYOFoM1nCPnPe500b0Xqp_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _fbp=fb.2.1621201778320.514499332; __pvi=%7B%22id%22%3A%22v-2021-05-16-23-49-38-107-LO5CbxzyJvgEvrE3-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621201779091%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_TKTID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_LOCCT=PARIS; GPSDK_LOCCY=FRANCE; GPSDK_LOCRG=ILE-DE-FRANCE
:path: /json/reactions-rank.json?_=1621201777805
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:45:16 GMT
content-encoding: gzip
last-modified: Sun, 16 May 2021 21:34:12 GMT
server: AmazonS3
age: 264
etag: W/"1247fd4c0d4d9941e3b8985fc39f2d1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
content-type: application/json
x-amz-cf-id: idufDuhYv1TrvgYwRCYsOESdpzHHRhR9jKH9-72Yk7kfixHuCGEQaQ==

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 164 KB
30 KB 76ms
29ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93c29356b85925ff806adbda076c942a77335fecee4715df51b86f50ba64082d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:39 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25
content-length: 30230
cf-request-id: 0a18c115040000dff728025000000001
last-modified: Fri, 14 May 2021 19:52:28 GMT
server: cloudflare
etag: c9f18369ec081ccab71eb48cf99e40a5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WSKZDzEPbVvAMb%2BQE9ili4JoSMGBhd%2BudpJoI4Yr6Jihdx7zZos7KpjTAtZIFHNp2dUDuycgdTEsAKniKpcr0bF9A1rAIh5fc8bwl8njseqN1WYIUhXwisO2qes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
accept-ranges: bytes
cf-ray: 6507d134db1cdff7-FRA
x-cache-tag: 28474d564bae9a905d0174475b00711a
expires: Sun, 16 May 2021 22:49:14 GMT

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
454 B 13ms
10ms Image
image/png 2600:9000:21f3:2800:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 8350295
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: GuJbFbcyog11VKbr5JcvkW3utAeybFrt0KTm-9pxsg6iZmtoEbTEjQ==

GET
H2 200 escolha-do-editor.json Show response
www.gazetadopovo.com.br/json/ 52 KB
8 KB 73ms
36ms XHR
application/json 2600:9000:211a:a200:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/escolha-do-editor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:a200:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a3a2e63a4ea476dd546a2a0181ab72826f8706dc39649e7488c8e1bc3cba302

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.2019157809.1621201778; _gid=GA1.3.598204554.1621201778; _gat=1; cX_S=korpohkt6pyj1nd0; cX_P=korpohkutl78fg54; _gcl_au=1.1.817852080.1621201778; _gat_UA-23088598-1=1; _hjTLDTest=1; _hjid=a75a0a2b-01e8-466f-a43f-2c9e1e4cb8a8; _hjFirstSeen=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvnfSe2aG0aDehQRDmVR656Khsrg8SWAZ-XmYHGTM83e0vDUzNKF9oX5eGqRNoACSt68fk79v-XRQP4j4wvVJcfiYOFoM1nCPnPe500b0Xqp_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _fbp=fb.2.1621201778320.514499332; __pvi=%7B%22id%22%3A%22v-2021-05-16-23-49-38-107-LO5CbxzyJvgEvrE3-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621201779091%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_TKTID=us-east-1-9d4a9a30-b690-11eb-b377-a3861886e412; GPSDK_LOCCT=PARIS; GPSDK_LOCCY=FRANCE; GPSDK_LOCRG=ILE-DE-FRANCE
:path: /json/escolha-do-editor.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Sun, 16 May 2021 19:53:23 GMT
server: AmazonS3
age: 264
etag: W/"297a63c9cbc6c4a53881d4e5a89e66f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Sun, 16 May 2021 21:45:16 GMT
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: ssQq4CsSY6ipiY3kF9rXnMHJXSNqSjVraOaPRkiacHIhCaje7iRO5A==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 324ms
305ms XHR
application/json 2600:9000:2156:e800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront), 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Sun, 16 May 2021 21:49:40 GMT
x-amz-cf-pop: FRA56-C2, FRA50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fcP6OEqLoAMF90A=
content-length: 4
x-amzn-requestid: a5f8fe90-4941-48c5-bb17-a97b754857b1
x-amzn-trace-id: Root=1-60a19374-2f0dc3d819ef361d4dba1d39;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: UEnO4juswsvHa0BSiZV4WQq-caOnolv48mXOkRO8_AZOEL5rBNzcKA==
x-amzn-remapped-connection: close

POST
H2 200 / Show response
www.umdoisesportes.com.br/cookie-exchanger/ 4 B
1 KB 316ms
299ms XHR
application/json 2600:9000:2156:7600:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront), 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Sun, 16 May 2021 21:49:40 GMT
x-amz-cf-pop: FRA56-C2, FRA50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fcP6OH9uIAMFsuw=
content-length: 4
x-amzn-requestid: 02b1e68c-49bf-4607-a19e-5826edf5e4d8
x-amzn-trace-id: Root=1-60a19374-3f8fa39721e5e8a77e84c946;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: cBQeEYrLsCXWMXt74a4P_Sry67_3XAL6aAjqAdJu52k15SCrmpqtDw==
x-amzn-remapped-connection: close

GET
H2 200 lula-congresso-pt-stuckert-11-960x540-crop-20210516200908.jpg
media.gazetadopovo.com.br/2021/05/ 69 KB
69 KB 30ms
11ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/lula-congresso-pt-stuckert-11-960x540-crop-20210516200908.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3dfd65b75c85ebd9511c434ab51dfe5d35ea7e2f6cd1981eb9ecbb314a0546a0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 20:11:53 GMT
content-encoding: gzip
last-modified: Sun, 16 May 2021 20:09:37 GMT
server: AmazonS3
age: 5866
etag: "69bee39194ea1ad0a37fe4e8c7b5604d"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 70549
x-amz-cf-id: TV0SIYT7yY0T32J26YuDqaA8302ENLqRkgO56HsRoSGsojUtbuOKjw==

GET
H2 200 bruno-covas-960x540.jpeg
media.gazetadopovo.com.br/2021/05/02174113/ 70 KB
71 KB 30ms
11ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/02174113/bruno-covas-960x540.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c446d484fea7e707b40f59a23eb7981df50e040932cba4615581d5cb30e9de25

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 23:24:57 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sun, 02 May 2021 20:41:14 GMT
server: AmazonS3
age: 167083
etag: "cd8a3f240058354085528fa8e037ab60"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 72184
x-amz-cf-id: M3nlk8_xUZyOPsz6CbV8BY3ZQNI6PUskRBUJDl-GkvovxsSE4vcziA==
expires: Mon, 02 May 2022 20:41:13 GMT

GET
H2 200 mascaras-960x540.jpg
media.gazetadopovo.com.br/2021/05/13154522/ 116 KB
116 KB 40ms
21ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13154522/mascaras-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3762e3f063a0067c2bc6ae697efe0fcbd6f9489bba40dc1d4d0254ebafafde84

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:53:38 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 18:45:24 GMT
server: AmazonS3
age: 266162
etag: "4616fd9c70786462fd75a8ff1a039d0f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 118294
x-amz-cf-id: wPGG4B4jBUys9Lv6ZXwYaQnIkpJKV1gaYEOB38-dO3B1TvWvVjvF8g==
expires: Fri, 13 May 2022 18:45:22 GMT

GET
H2 200 laboratorio-amostras-sangue-960x540.jpg
media.gazetadopovo.com.br/2021/05/13233229/ 80 KB
81 KB 30ms
11ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13233229/laboratorio-amostras-sangue-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b426e4a036ad72cd6595ae2b074d19a2c96202900dd36a685be46b2dc335dde1

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 01:07:16 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 02:32:30 GMT
server: AmazonS3
age: 74544
etag: "6652a05d9a2a828bdfb06f008298c09a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 82062
x-amz-cf-id: BmLyymCJ3IlH_9tN9xtM5LRgZj2eKBf74NjzMYUq20qfsW81dkmEcQ==
expires: Sat, 14 May 2022 02:32:29 GMT

GET
H2 200 Reproducao-Al-Jazeera-372x372.jpg
media.gazetadopovo.com.br/2021/05/16144721/ 22 KB
22 KB 30ms
11ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16144721/Reproducao-Al-Jazeera-372x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aeb4a93ddd7bc34f79e42ac4d5986496b7e7ee219ea5a1575c874f1b9b23f0ed

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 17:58:40 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 17:47:22 GMT
server: AmazonS3
age: 13860
etag: "568e7be7bafb23e94321345b6bf1ec30"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 22338
x-amz-cf-id: nhtvKEGY3B1SBOxzDJYcaiAg21obInqlTbztGyHpmmV0adcPS-rzsQ==
expires: Mon, 16 May 2022 17:47:21 GMT

GET
H/1.1 200
OK geolocalizacao.php Show response
apps.gazetadopovo.com.br/geolocalizacao/ 147 B
726 B 818ms
207ms XHR
application/json 54.94.253.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.gazetadopovo.com.br/geolocalizacao/geolocalizacao.php?inf=cidade
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.253.231 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-253-231.sa-east-1.compute.amazonaws.com
Software: Apache/2.4.10 (Amazon) PHP/5.4.37 / PHP/5.4.37
Resource Hash: e16ac219cd21b31bcc7e87b0a626685910a4a3199ac975222f64f5cee5fa082a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 16 May 2021 21:50:04 GMT
Server: Apache/2.4.10 (Amazon) PHP/5.4.37
Connection: keep-alive
X-Powered-By: PHP/5.4.37
Content-Length: 147
Content-Type: application/json; charset=utf-8

GET
H2 200 laboratorio-amostras-sangue-214x214.jpg
media.gazetadopovo.com.br/2021/05/13233229/ 12 KB
13 KB 13ms
11ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13233229/laboratorio-amostras-sangue-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64095fe3e562a8fd781a22b6d119145f44af362ce8efa4af1a6d7ce9f78dedda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 02:03:15 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 02:32:30 GMT
server: AmazonS3
age: 71186
etag: "855d032add40fb252eb514940931c822"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12617
x-amz-cf-id: vyi-kjXPvieu7kSvKBR0Y3cme7s_q287OGZ6bt-B5sJ1-fA9IndisA==
expires: Sat, 14 May 2022 02:32:29 GMT

GET
H2 200 lula-congresso-pt-stuckert11-214x214.jpg
media.gazetadopovo.com.br/2019/11/23151404/ 11 KB
12 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/11/23151404/lula-congresso-pt-stuckert11-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efd588edada4c7dd64043783f7659cc4f58b1783871494f7fb871aacabfe3196

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 20:23:58 GMT
content-encoding: gzip
last-modified: Sat, 23 Nov 2019 18:14:06 GMT
server: AmazonS3
age: 5143
etag: "411897b70c8af9017f288fd7d9b4b329"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11428
x-amz-cf-id: 8TEFh1TJUXwysuIi2pyQmxh-IJtBdo7sKlbtZPnZiw9XcCWdcTjPVg==
expires: Sun, 22 Nov 2020 18:14:04 GMT

GET
H2 200 Screen-Shot-2021-05-16-at-12.54.31-214x214.png
media.gazetadopovo.com.br/2021/05/16125638/ 53 KB
54 KB 13ms
12ms Image
image/png 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16125638/Screen-Shot-2021-05-16-at-12.54.31-214x214.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b76118974ef0ab46326990438dd1f1746712aeba32817184e792f8b46c94af8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 18:37:11 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 15:56:39 GMT
server: AmazonS3
age: 11549
etag: "a4fb5bb81622dc91f896083b2d7614c9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 54584
x-amz-cf-id: yhf5RzaMmiyp4Safgo9DwezIIVAWNb7KkVO63W50y4BXT2xPHBvB6Q==
expires: Mon, 16 May 2022 15:56:38 GMT

GET
H2 200 ricardo-nunes-1-214x214.jpg
media.gazetadopovo.com.br/2021/05/16112839/ 13 KB
13 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16112839/ricardo-nunes-1-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f16c0eae6142f5ff772b436fda78af1642914530dd7b5ae7aa709f37e876fe4

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 15:11:39 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 14:28:41 GMT
server: AmazonS3
age: 23882
etag: "db27330b782f9d60dadc0bea3db816e2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 13258
x-amz-cf-id: bC1aeH_2Ef9Od9NAWKCKFCRaJ1mcrn-NGfCMT7yRdNozBSs05u6VtQ==
expires: Mon, 16 May 2022 14:28:39 GMT

GET
H2 200 bruno-covas-214x214.jpeg
media.gazetadopovo.com.br/2021/05/02174113/ 19 KB
20 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/02174113/bruno-covas-214x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5e50d1c9ac3a61b5eae353a6e814bc0373a6762a70d5a2584515a4375c1bfb5

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:20:58 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sun, 02 May 2021 20:41:15 GMT
server: AmazonS3
age: 30522
etag: "2b0142b4d37c0c13136011adedb2b0c3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19877
x-amz-cf-id: iDSEW1c3go7Q4T4ATMKEpDqJZjrIwQsaHVwxLJkDtt1w_HzgxEA-Qw==
expires: Mon, 02 May 2022 20:41:13 GMT

GET
H2 200 vacinacao_pinhais_aen_1205-1-380x214.jpg
media.gazetadopovo.com.br/2021/05/12150114/ 39 KB
39 KB 21ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12150114/vacinacao_pinhais_aen_1205-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de42571149eaab9f73801a5fb0df9602885385e4a3e366d9304dbccbb6562cd9

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 19:59:00 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 18:01:16 GMT
server: AmazonS3
age: 93041
etag: "56f8e0a9284e2dcf9ba5396eceef626c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 39851
x-amz-cf-id: QbtvBjIZQWFHfR73A0uXb3qls_HlDJektlEr57QtlaWiYZlW8BBEIg==
expires: Thu, 12 May 2022 18:01:14 GMT

GET
H2 200 laboratorio-amostras-sangue-380x214.jpg
media.gazetadopovo.com.br/2021/05/13233229/ 20 KB
20 KB 21ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13233229/laboratorio-amostras-sangue-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d7bc926d5569df29d71239568cca1be8e851e5168220c3a2a69095c2a0fb04a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 00:37:23 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 02:32:30 GMT
server: AmazonS3
age: 76338
etag: "025cfa08229074c8d9e4ef9f8e31edda"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20362
x-amz-cf-id: SiAprnRgubofCyAbF3_YUqH1ScQZnf0IRFUI8JGoyGuH8V2Z3emJKg==
expires: Sat, 14 May 2022 02:32:29 GMT

GET
H2 200 Gazeta-One-Child-Nation-380x214.jpg
media.gazetadopovo.com.br/2021/05/15150606/ 20 KB
21 KB 20ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/15150606/Gazeta-One-Child-Nation-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee2ffb2b8d6e90bdec1a9f7bafee820de5c930fd8cb508e9e4693b8b4d15a96

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 09:22:26 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 18:06:07 GMT
server: AmazonS3
age: 44835
etag: "c886a477e4598324354d951e69a23e5e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20689
x-amz-cf-id: cSRyjWqyaJESKCRYenRPwq8hnpbZuvHTf4WtQol-eRSYdpk_9ohlhQ==
expires: Sun, 15 May 2022 18:06:06 GMT

GET
H2 200 bruno-covas-380x214.jpeg
media.gazetadopovo.com.br/2021/05/02174113/ 22 KB
23 KB 20ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/02174113/bruno-covas-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7eb98f2451da8a6f5f6d31e590dd6c56ea58011363dcc614ada8b49597c227f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 23:17:25 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sun, 02 May 2021 20:41:14 GMT
server: AmazonS3
age: 167536
etag: "683c66f99cea26e514650d7d46134652"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 22980
x-amz-cf-id: OfLbNoJN3CFcGXWd1pieYVdj1U_ndSG_f7kCAcahjDhyHUDm4faLzA==
expires: Mon, 02 May 2022 20:41:13 GMT

GET
H2 200 ricardo-nunes-1-380x214.jpg
media.gazetadopovo.com.br/2021/05/16112839/ 21 KB
21 KB 20ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16112839/ricardo-nunes-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fd9fa38f29bbfba03b702b380979d2debbfeddc10943a46e8c10d60f0f00494

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 14:37:13 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 14:28:41 GMT
server: AmazonS3
age: 25948
etag: "1728712a6336154a8466eebf36e3f379"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21607
x-amz-cf-id: gVYtO7wlC5od56Tn3uleY1nIsODI0GLFrRUZzBVGJQ6f-QuvvOm8BQ==
expires: Mon, 16 May 2022 14:28:39 GMT

GET
H2 200 Marcha-em-Bras%C3%ADlia-380x214.jpg
media.gazetadopovo.com.br/2021/05/15174529/ 20 KB
20 KB 20ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/15174529/Marcha-em-Bras%C3%ADlia-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bbbbb39cbb414d18f93cd2676b61afa7ae2830355de347bcf00e01f0a0eeaf4

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 23:51:07 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 20:45:31 GMT
server: AmazonS3
age: 79114
etag: "fcac183cb8c5525bdc3c97ae1c85309f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20592
x-amz-cf-id: LuJjoYudQWl4OMs8VVBivLbnp4ouUm4CCLPjobdN3D6ejvyFbWxgPQ==
expires: Sun, 15 May 2022 20:45:29 GMT

GET
H2 200 51181130171_306eec8eac_c-380x214.jpg
media.gazetadopovo.com.br/2021/05/15185324/ 30 KB
31 KB 20ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/15185324/51181130171_306eec8eac_c-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eaf473fd0258fa10aaebe997c35f15f9989a4b8ad42acf6ede1731ba26529553

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 00:49:57 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 21:53:25 GMT
server: AmazonS3
age: 75584
etag: "94a8a015f11b3e4c1971fc004d2bc853"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 30930
x-amz-cf-id: y-NpJFA-YcsdY6LIIN5PR1Ez0fI6dKSPXn0kdNBRJSm3LPvDdvmpZA==
expires: Sun, 15 May 2022 21:53:24 GMT

GET
H2 200 WhatsApp-Image-2021-04-26-at-14.07.58-380x214.jpeg
media.gazetadopovo.com.br/2021/04/26141529/ 16 KB
17 KB 23ms
21ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/26141529/WhatsApp-Image-2021-04-26-at-14.07.58-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80b7bc9ad3b815d7e0ec6011a41bf3c1219fbdb9b59141a5ae03aaf4e8f09b1a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 00:58:50 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Mon, 26 Apr 2021 17:15:30 GMT
server: AmazonS3
age: 75051
etag: "e5c84b4c1b67b407ff8ceb5359cc18b1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16530
x-amz-cf-id: Qv4psMyo73tZrid9nwxPbOFJGruZSRr5MqBhPCczgCemFClTrSHlRA==
expires: Tue, 26 Apr 2022 17:15:29 GMT

GET
H2 200 ilustrabruna-380x214.jpg
media.gazetadopovo.com.br/2021/05/14155312/ 5 KB
6 KB 20ms
18ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14155312/ilustrabruna-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c57a6258d7d5683a6eea1726f2b726ffc2fd8eaccc1cbdfb69a93f7ce0d04d5

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 18:41:13 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 18:53:13 GMT
server: AmazonS3
age: 97708
etag: "af7f1818f7a55045e13b125e948939ed"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 5432
x-amz-cf-id: oARyFK_l-dmsgWIki0SUR43MAOc-JsU7bpMHveI3WTPrlUi_pzVriA==
expires: Sat, 14 May 2022 18:53:12 GMT

GET
H2 200 urnas-eletr%C3%B4nicas-380x214.png
media.gazetadopovo.com.br/2021/04/19091317/ 53 KB
54 KB 23ms
21ms Image
image/png 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/19091317/urnas-eletr%C3%B4nicas-380x214.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08793ea4fc976354c74035e76b0ffd935d45cb991b57557713709372969cc30e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:36:01 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 12:13:18 GMT
server: AmazonS3
age: 184420
etag: "a622e2bcc499f2e57c4e84372447f00e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 54535
x-amz-cf-id: ECFJOjQUauLzRtn0BsQTe6LRgQp7g3wSyu7uGWTuyrBSVRVKQvTMcg==
expires: Tue, 19 Apr 2022 12:13:17 GMT

GET
H2 200 9c3eaae0-9ce4-11e9-bedd-99009294b334-wp-380x214.jpg
media.gazetadopovo.com.br/2020/06/28153819/ 24 KB
20 KB 22ms
21ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/06/28153819/9c3eaae0-9ce4-11e9-bedd-99009294b334-wp-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08ce39333d3c79c0cb8fefee15cc8acfe274ece6d8aa3a581b08fbeb305ee75a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 10:58:37 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 18:38:22 GMT
server: AmazonS3
age: 125464
etag: "d699f5c58d7782e057772490ecfb7972"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19895
x-amz-cf-id: PfJx3q8-yarHVKX1fQJox4PpV0yBaD6ZLR9PcUxkhhe0ULvkkZhUVg==
expires: Mon, 28 Jun 2021 18:38:19 GMT

GET
H2 200 internet-vicio-380x214.jpg
media.gazetadopovo.com.br/2021/05/14153705/ 27 KB
27 KB 22ms
21ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14153705/internet-vicio-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d30e1f33652b01033d3af46e70f09d77f4fda2cfc400d4cb2f7f3f86fa2413a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:56:56 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 18:37:06 GMT
server: AmazonS3
age: 175965
etag: "5b9355c82753d2e1a1e9c69df7b1594a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 27333
x-amz-cf-id: 1KpqbcFiGs3R97awwV4Yw8ORNtWXjUHUWETEPaK-FQ2mEEhGxLttPQ==
expires: Sat, 14 May 2022 18:37:05 GMT

GET
H3-29 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 08:45:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:07:15 GMT
server: sffe
age: 133478
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19152
x-xss-protection: 0
expires: Sun, 15 May 2022 08:45:02 GMT

GET
H2 200 plantas-maconha-NickyPe-pixabay-380x214.jpg
media.gazetadopovo.com.br/2021/05/13195504/ 20 KB
21 KB 10ms
8ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13195504/plantas-maconha-NickyPe-pixabay-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c192ba214e94169e6f33b5979f9c04473f6098f9dacdf40b7965a1d2fd685127

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 21:18:40 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 22:55:06 GMT
server: AmazonS3
age: 88261
etag: "e4a38c527d76abef658aa0b0336b6018"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20925
x-amz-cf-id: MElCfhoBR9hPNm_xNEFFSRRIln6bLbb0-2MBrJh5sCKQLIYvjgJ-cw==
expires: Fri, 13 May 2022 22:55:04 GMT

GET
H2 200 185150907_4182742275081176_5177986830996875391_n-380x214.jpg
media.gazetadopovo.com.br/2021/05/13144543/ 30 KB
30 KB 11ms
9ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13144543/185150907_4182742275081176_5177986830996875391_n-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13bcb9c65187c5a752d9885939ea73db5bebc90bcbe5e26b1cc6e619b34303a6

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:13:51 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 17:45:44 GMT
server: AmazonS3
age: 268550
etag: "110beb583ae0dab0c06b8afe9fb9846f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 30757
x-amz-cf-id: 3aF5scUMclCpfP_z8bmGkEON7_bgQOiazijcxR3oz7czIL23Ejqv6A==
expires: Fri, 13 May 2022 17:45:43 GMT

GET
H2 200 crimes-sexuais-contra-criancas-luiz-walmocyr-policia-federal-darknet-380x214.jpg
media.gazetadopovo.com.br/2021/05/12095706/ 14 KB
14 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12095706/crimes-sexuais-contra-criancas-luiz-walmocyr-policia-federal-darknet-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01387522bd0b23d643467eea489a8dca59fca8aa859bef983055d40d2120112

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 15:05:31 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 12:57:07 GMT
server: AmazonS3
age: 197050
etag: "d5c773df942e4623deafa77723badbe0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 13966
x-amz-cf-id: sE_Ky2rTlb8-qakY9q9uUWG8amiQ6ccAmSxeJqmFmh1c8m38hLsflg==
expires: Thu, 12 May 2022 12:57:06 GMT

GET
H2 200 saneamento-crop-20210513185947-380x214.jpg
media.gazetadopovo.com.br/2021/05/13160238/ 159 KB
160 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:3a00:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13160238/saneamento-crop-20210513185947-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbb6b936b2c85c019776a06b312e96cb5b11ac07d89250eb1300ad2235564126

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 16:19:52 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 19:02:40 GMT
server: AmazonS3
age: 192589
etag: "872dbe58211e3cdfde1ab6589d1bf73d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 163264
x-amz-cf-id: LphPPlJOU307MlvVuFb396YohBJH01a0A6gUJuZxAiTbgHfqeDEoIw==
expires: Fri, 13 May 2022 19:02:38 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 24EA 197 B
682 B 240ms
13ms Document
text/html 2600:9000:20eb:1400:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /mercurio.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 19:37:57 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sun, 16 May 2021 21:49:40 GMT
expires: Sun, 16 May 2021 21:52:46 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: V0-5JhLKw08QqO1v982txscX0qG5h1EEqd3smQvqON4eSFUHG6-dfQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 88ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

a6a3c9807087811adc4d9d50b87bf5f84d82fe71cea8e31f57fa3b887f76f17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 182 of 1000 / last-modified: 1621030215"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21334
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:40 GMT

GET
H2 200 / Show response
t.dynad.net/script/ 115 KB
31 KB 1040ms
396ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE7 / DynAd.net
Resource Hash: 628a58eec2f50d080ea61c506ea0b1ea5cd68debb3670c9d926caabb8337ab82

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
server: D3-FE7
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Sun, 16 May 2021 21:49:40 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 17ms
17ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 929
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-methods: GET, HEAD
content-length: 5277
cf-request-id: 0a18c115c00000dff70707d000000001
x-cache-tag: 042e35d361fd368820b153321d994cb9
last-modified: Mon, 04 Jan 2021 18:03:18 GMT
server: cloudflare
etag: ecbae16720fa9548b931f719328b1c88
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v5J0%2BVZUOawEI1ndea0Fqsj%2B8JWT7TVGvOyO9tNQo8aHVOOuaio3QWjzTdYaf1KzssUMa3R8V%2F6aqaZDE3NidRswA9wtc%2BU7JBhw3p2x1Wv%2FJZcVXdHo2b1Ep2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6507d135fcfadff7-FRA
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
expires: Sun, 16 May 2021 22:34:11 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 127 KB
17 KB 12ms
12ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e0a46f1a28e4a7adc668158241a0748b4664b5e2fdf5d2e325936a5f09df36

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 917
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-methods: GET, HEAD
content-length: 17151
cf-request-id: 0a18c115c00000dff728030000000001
x-cache-tag: b1284c36dd1960a71d7a5122c876a51a
last-modified: Fri, 14 May 2021 20:46:28 GMT
server: cloudflare
etag: 7d6dcbe636a8358dfbd22b243ec5e0c8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZRFUgz0bmy83andA189jStnrX4n6GLtjnXqgR2%2FPuKkfou1TCkkOKUFoMIbglvJXYer%2BprnLxUG5jlk2rZeHVuMnqY51rlRMnocC22LefjA1hp%2B0WNHFygdBKG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6507d1360cfcdff7-FRA
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
expires: Sun, 16 May 2021 22:34:23 GMT

GET
H2 200 gazetadopovo.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 604ms
199ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:31:41 GMT
server: marrakesh 1.16.6
etag: 3259e7f0de5880d1a62dfaa532afdb24
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6355
expires: Sun, 16 May 2021 22:49:40 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 6 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1990
content-length: 2098
cf-request-id: 0a18c115c10000dff74194f000000001
last-modified: Wed, 14 Apr 2021 20:02:02 GMT
server: cloudflare
etag: 3f49e0c04db03daf3e6521b90eda5f55
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SLm%2FDSZ6kQREVvGyyD07TcTgQCD16lQTXkSFaIonrYoQHhtyLfHMTPR%2BCNHYtn5Ub%2BZtaR%2FMb0bJvSIwADsvqEwW3gxDxNMTvdVJ4nZOSluCScQJRHS%2BC4g275o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
accept-ranges: bytes
cf-ray: 6507d1360cfedff7-FRA
x-cache-tag: a14eb6f21cbb466b909e4fbbc3ff71da
expires: Sun, 16 May 2021 22:16:29 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 599ms
200ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 16 May 2021 21:49:40 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Sun, 16 May 2021 21:49:39 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 67B8 213 B
692 B 215ms
13ms Document
text/html 2600:9000:20eb:1400:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 17:11:31 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sun, 16 May 2021 21:49:40 GMT
expires: Sun, 16 May 2021 21:52:46 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 6rPvEFM2oknvv_J4bCNt5X9KP_2vKP3kOMuk4ca8472obrKCIDAzZg==

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 0D65 213 B
691 B 215ms
14ms Document
text/html 2600:9000:20eb:1400:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Sun, 17 Jan 2021 17:14:18 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sun, 16 May 2021 21:49:40 GMT
expires: Sun, 16 May 2021 21:52:46 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: TAs8an2_H7w-0amyFicMeMWOEehittI9I8ZUeR5MGXKm_p4xr5-YRg==

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
7 KB 15ms
15ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1094
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-methods: GET, HEAD
content-length: 6125
cf-request-id: 0a18c115e50000dff728032000000001
x-cache-tag: 6bb3f0a11d17dd2bb25b3c1c7d65c42e
last-modified: Tue, 05 Jan 2021 17:14:48 GMT
server: cloudflare
etag: f7a535aa8ca1d0acd1bff039eb80acff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5QDkUJUg7t9nlXjV404gRe3Oym8sMXJqrx%2F5LH6er3dlxGftYB%2BlsIXqvCjnOwSSgPtvPhVvNmcrF2Xps6F4QvVCeMp%2B2GzDKP32cIldHfOoveRhAoHMDTa%2B4Pc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6507d1363d51dff7-FRA
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
expires: Sun, 16 May 2021 22:31:26 GMT

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
500 B 149ms
103ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 19ms
19ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1186
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-methods: GET, HEAD
content-length: 8357
cf-request-id: 0a18c115f70000dff7d9a70000000001
x-cache-tag: 31a36417678aa188e796bddb4e019e0b
last-modified: Tue, 17 Nov 2020 15:36:09 GMT
server: cloudflare
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UXo0Syg5W5Zo7q%2Bw1oiPIl%2FSpK8xbPwv%2FuB7uvx1Dikk8CQoGKMgWd3lpqJHGo92XB8%2F8eu%2BdJldqm1ifhpvNh6ULnGny41JA0haclWiUIbG%2B4dCddjfdTPaz5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6507d1365d9adff7-FRA
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
expires: Sun, 16 May 2021 22:29:54 GMT

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
460 B 132ms
105ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1&tK=1621201780&tM=referral&tL=referral&tN=referral&tY=3&tZ=52386063
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
319 B 110ms
103ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 5206dc36981bc22eab7da77fd4ee4034af56ab2e053edf04f5bba1500c291884

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 62ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:40 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 144 B
578 B 106ms
105ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007F7493A160B8067438023D6B04&tX=b.52&tZ=889058790&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: f739a5513582c76478bb5236a33298c4b823568030c298752408bbcf0f7bf98a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 16 May 2021 22:02:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
446 B 8ms
8ms Image
image/png 2600:9000:21f3:2800:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 8350296
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: ELxf73-I0kPpuVzUr6n46QodRU-Alk0LPwLJQx-kxaj6QPs578oQMQ==

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 1013ms
1012ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1097417366223090&correlator=1883821363803223&output=ldjh&impl=fifs&eid=31060854%2C31061140%2C21064367%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210516&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-5%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621201513&dt=1621201780426&dlt=1621201777411&idt=2962&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4112&adks=1274092517&ucis=1&ifi=1&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=2019157809.1621201778&ga_sid=1621201780&ga_hid=594716913&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0496319865f0ffb8aaacb68eb5d977ce944992bfc667ce12f3369607403ca8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10089
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 1647ms
1646ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1097417366223090&correlator=1883821363803223&output=ldjh&impl=fifs&eid=31060854%2C31061140%2C21064367%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210516&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-4%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621201513&dt=1621201780429&dlt=1621201777411&idt=2962&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3354&adks=1274092522&ucis=2&ifi=2&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=2019157809.1621201778&ga_sid=1621201780&ga_hid=594716913&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

bcb0d55a82958ee5b4c01db8941572a31636c58c332b441356e00984c580edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10439
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 414ms
413ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1097417366223090&correlator=1883821363803223&output=ldjh&impl=fifs&eid=31060854%2C31061140%2C21064367%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210516&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-3%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621201513&dt=1621201780431&dlt=1621201777411&idt=2962&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=2562&adks=1274092523&ucis=3&ifi=3&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=2019157809.1621201778&ga_sid=1621201780&ga_hid=594716913&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b3fcda5d5d3ebea131b0235ef71f0252e9e395c860c5d5eec757790db07eb078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8225
x-xss-protection: 0
google-lineitem-id: 5690180333
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349142507
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 645ms
644ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1097417366223090&correlator=1883821363803223&output=ldjh&impl=fifs&eid=31060854%2C31061140%2C21064367%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210516&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-2%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621201513&dt=1621201780432&dlt=1621201777411&idt=2962&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1710&adks=2044746413&ucis=4&ifi=4&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=2019157809.1621201778&ga_sid=1621201780&ga_hid=594716913&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b79b127922a4dfb0eb5991f5b32439d0c7a374360718ffcbf7c6c095cdf43b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9393
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
27 KB 2021ms
2020ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1097417366223090&correlator=1883821363803223&output=ldjh&impl=fifs&eid=31060854%2C31061140%2C21064367%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210516&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C1190x150&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621201513&dt=1621201780433&dlt=1621201777411&idt=2962&frm=20&biw=1600&bih=1200&oid=3&adxs=205&adys=311&adks=1651446792&ucis=5&ifi=5&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x50&msz=1190x0&ga_vid=2019157809.1621201778&ga_sid=1621201780&ga_hid=594716913&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c78e49fc5675424a0d9b28f880b7a83a0e8172079f100042d1d4fcdf58e0a279

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjY0KKXz_ACFSjKuwgdZ2sJ3Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/12132108151055701416/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIjY0KKXz_ACFSjKuwgdZ2sJ3Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/12132108151055701416/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27523
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 16 May 2021 21:49:42 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 1322ms
1321ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1097417366223090&correlator=1883821363803223&output=ldjh&impl=fifs&eid=31060854%2C31061140%2C21064367%2C31061142&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210516&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-footer-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621201513&dt=1621201780435&dlt=1621201777411&idt=2962&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1190&adks=2713759382&ucis=6&ifi=6&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1148x-1&ga_vid=2019157809.1621201778&ga_sid=1621201780&ga_hid=594716913&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3c7baf9639de9aec86840a0b62c3f0003b36ace087c730795d4b12b0127bddfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9743
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 24EA 4 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2983
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-methods: GET, HEAD
content-length: 1065
cf-request-id: 0a18c116e20000dff7e6804000000001
x-cache-tag: 13989a2774de3324b351045234195f78
last-modified: Tue, 17 Nov 2020 15:36:09 GMT
server: cloudflare
etag: bed0a7a707f166936e5aaac09879d050
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3eQrBjjyWcAaGQalkj1X3YHfadl5Y46LDT7r21a%2FfebXNW%2B0eCaeYr8sSIXBl86FnqGl2%2Buuvlr1hoCyXyimuUjnrXm6e%2BI0O2g0dxBkw7vTjsZx7THtCK9SM20%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6507d137cfd1dff7-FRA
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
expires: Sun, 16 May 2021 21:59:57 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 67B8 42 KB
9 KB 25ms
25ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3395
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-methods: GET, HEAD
content-length: 8899
cf-request-id: 0a18c116e20000dff73d9e9000000001
x-cache-tag: 7e379628be0129922ceafe4ff7e06ac5
last-modified: Mon, 04 Jan 2021 18:03:26 GMT
server: cloudflare
etag: 7f26a4519ac2b1604a29daf81d3f336f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xQoQrfBLfAFWm0GFpm7m69M%2Fjm5RZ8aC%2Fjqeqg1Fil5NRr%2BAjQRKfFJdQa26DezLtItlCbNFw7LVCUur9R2Qabu7bd6%2BPo5cdB72s1rVYOBUS%2FkqRwgn%2FUBjsMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6507d137dfd2dff7-FRA
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
expires: Sun, 16 May 2021 21:53:04 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 0D65 42 KB
9 KB 16ms
16ms Script
application/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3395
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-methods: GET, HEAD
content-length: 8899
cf-request-id: 0a18c116e30000dff7ff24b000000001
x-cache-tag: 7e379628be0129922ceafe4ff7e06ac5
last-modified: Mon, 04 Jan 2021 18:03:26 GMT
server: cloudflare
etag: 7f26a4519ac2b1604a29daf81d3f336f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k0WZ7ctX6tA3LR15vHEoQ1HILxaAe0XyuTItBtb1QX5I9%2BrS5rW%2FduHkbAlwPnS0E9JLoAwFASt6J%2BLFQ2Ft50ygesRmOvGAiKQ%2FAMFm6RpLoa2OOgmb7UA79l4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6507d137dfd3dff7-FRA
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
expires: Sun, 16 May 2021 21:53:04 GMT

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
338 B 106ms
105ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=546274948&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: f07478b2d353c380ad500037450c2cf65c9b13430b3e4e1063855f87e9b7a90e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 110ms
103ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_paris_ile-de-france_fr_1621201780414_1382421227&tJ=&tQ=gazetadopovo&tU=0100007F7493A160B8067438023D6B04&tX=b.52&tY=1&tZ=507253526
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gazetadopovo.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4968
date: Sun, 16 May 2021 20:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 16 May 2021 22:26:52 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

36ms
36ms

Script
application/javascript

99.86.242.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-124.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:42:53 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 2005
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: oolls6u4FndelOUaYdlldCWHNkM-LDBS1iKounoS6KUKSozd7rHavw==

Redirect headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: 0x_Ha-OUbNvGiq8mqiLHoILQNPZOZdw81To0lVVLfrvPHPjR7hEeMQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=594716913&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEALQAAAAC~&jid=787664108&gjid=781428907&cid=2019157809.1621201778&tid=UA-97689914-251&_gid=598204554.1621201778&_r=1&_slc=1&cd1=Parceiros&cd2=Gazeta%20do%20Povo&cd3=Gazeta%20do%20Povo&cd11=normal&cd4=2019157809.1621201778&cd66=1621201780775.kb2h8jt&cd85=none&cd87=none&cd88=none&z=320482879

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-97689914-251&cid=2019157809.1621201778&jid=787664108&gjid=781428907&_gid=598204554.1621201778&_u=6GDAAEALQAAAAC~&z=2119200763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 May 2021 21:49:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=2019157809.1621201778&jid=787664108&_u=6GDAAEALQAAAAC~&z=553741539

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=2019157809.1621201778&jid=787664108&_u=6GDAAEALQAAAAC~&z=553741539

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
17ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32da867d8740d402963df7552cb6da4618c7b35b2fe6474b06fd7eb9333f7f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7695
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 52ms
51ms Image
text/plain 99.86.242.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621201780863&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-124.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: fP67No5ZqujrojS9QXdD1y2hjnZKdUFtoEmHPmkNdMd9Kw58_fcvKQ==
x-cache: Miss from cloudfront

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:40 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FAB4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 16 May 2021 20:05:22 GMT
expires: Mon, 16 May 2022 20:05:22 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6258
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame FAB4 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 17:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 101033
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Sun, 15 May 2022 17:45:47 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=1097417366223090&bg=!qKulq-_NAAY59bwoOfU7ACkAdvg8Wm28L7HSWgLBj_qO5KRru5jIuvMU9wYd44nAXsOFFQ4yP4-6vAIAAABEUgAAAApoAQcKALfnG6rS8eGLqStoUb2cTYkupbaiS99FCFlqe2znO1l4X7zClBwXSUElVXgHfHc4EG8XjIM1YusNjEKjoylEts-m4BIZx_rZQY6jaOnMYwPzeeITXWPfePDaGF-IRLPlj6bBcGBB2J0yYM6hqkOifQu2xvJ-DD6a1Q1AaJ-vZqssphdBZsI-MZbn5pxt04nNUpI_3NNHTcugkcE3Fack2wNQ4VZiEerY4l3IIAdqoWN0RdVdhiC-K0WZAkMcfBf3JxLIio9p8xrwefFL60dBNFyFYtD1guzYUNXJHagY82qPLVt7bIhaIPtqfhGmBLCQv3iV3EmniFS4TZQPQIaGZ6lCjiGcwvFaKcJz28eii8gD44Fgs8Z3ygHCoKtRS9_shGaU527KC9iypYmgdVstcYN3TLRkjFTJtglqWlCnrk8nTnZxIktAjbgwMB-N3kdGzJ0VtccFS642xd8DpnhLzZVyzaXKjAdMaGbI2MnOv6Yayu2rfD_4pt7EyB0DF5JRLsGkeZBNhU1ixBLkp-RefxSPxHwIK4Nf8KlA9jJBwh7KBm5AUUQQB-362cUpwKtn0mMTAnp_NQlIzEdCrCWE1IMlfp1QeO08I1b7gXU-TuhrTWgDg-BER7noZzf7JITUVFm3BjVEei9bQlPpQfRDJ_o0dbcjrlpV-SS9zBlCJWrNLjOlXzRAVTAVXoo8SUHxbcGK1fQYva7bMqzP6y225E6H5HhGFqdwze_lf8kwO03m_u9fSjSkjEyKpi1gk_85KiQu4R6HC4wDFvZvdHHhAIQWfSnYFdi2gZbzhPX13CBnTvOiFpPj6nU1R0awaeSn_rcEkW3rpH8uDYtNZVMXvCh-IBZE40XjAmZVFpk_yw2O5yVsf1oeScgbXhVdL4pWpt5R49KpN_zSJezTjRYEEsp7Pd6M-5UPciR7wMjNz7-Cor_ShNprYopvYcDbr0fALgbXAD34h5V5zsnJ6Qlbqa4UA3D8MHHLIBySxxhCZEjNloTWssEkid9stEq5eJQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E58B 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 16 May 2021 21:49:40 GMT
expires: Mon, 16 May 2022 21:49:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:41 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6B44 624 B
297 B 31ms
17ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiU4-SmATAB&v=APEucNUz6SqQYsnDW5Lc7-Wc7jcFgfs3WN702eoW5GJVwakf_SGkzCcgn5uAKFT-hv112C0FWcBjtAn2Swx0vGEALddJT2zbcsW2IdTuR8qtn-A_Id5_KXkJPsWB4Q09ypabHBdVzSB0a8UYtZIlRH9xryPna-JKgCq-sEhR-BkzExgeHWlklIva-5uZXKKauEjwPLD7mUhuX_W3wS0UWnNDjq6uSWNBDw

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNyuyAIQpovKAhiU4-SmATAB&v=APEucNUz6SqQYsnDW5Lc7-Wc7jcFgfs3WN702eoW5GJVwakf_SGkzCcgn5uAKFT-hv112C0FWcBjtAn2Swx0vGEALddJT2zbcsW2IdTuR8qtn-A_Id5_KXkJPsWB4Q09ypabHBdVzSB0a8UYtZIlRH9xryPna-JKgCq-sEhR-BkzExgeHWlklIva-5uZXKKauEjwPLD7mUhuX_W3wS0UWnNDjq6uSWNBDw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlq8Z5dhdOA-OicPQShH4fzmUov5EU3uSry3UV3Vidp3ayO6c67tHwnXRAdFRc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 21:49:41 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E58B 24 KB
12 KB 48ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3-KsTFWbH6UDH8QSriPvZHtNdNpOKTPoQfKmWrRflASmFZ-P1wr0rHnsOK1PwgM417uPKN8HRd9BPfCF0q_5YAY_G1RevhjEfJ1LBvYlSwNe5TbDVRiFV5MmgErxNjDEsbgcaBoElNLcuOKb8G5wXk3uACg&dbm_d=AKAmf-BzDZKn7L9lYUO95XMTnWXXsuww3Pp27AOO7PrbHueXH_m6EXeRAh5ke5_95kx3o29c8p8-FsqoNNXGnJHkrCTE4j0BQRkGCX3iEZpibiHUiTGgutakdzI2YynqKQSa_Ofz2klY-gSKpZl-sOFTnqYBTxw9ggVXDdVphk6nHD53EDZxXsN1ZI3wU6A6vuv-yUhVoZ11h2NVQwgVmBXuTQrwjbU93rbpEbtKFRTYRrIwJjnQm_0PonPTAhB7nBj68fivdKNuMOjtTnUvdIC37GRE6FXCwBIAua2vB1YNjmuBoArwaN4COz8uJwLsYuMo50CF9D-rq3BTJzLuTmEu3Rw8lylfz8Rovry7HPgCwYlZVEuWr5N8SuI08VlWfgBzeW-4-zhbmW1k0bNGvnPcxukUz7zxK3NpdEvTfvp2mIszAUYEc40O1Op7vErSWGQ7I3TdqNJtragnPDXhnhrXVF_fSvV9p4i9XQIHWg-AZYWWTAFgwbCefY0BIsa_CqLULgP79EdDnFo5zDwPahfdUAkxWuuvK3mvPeZIy-0OmqjU2WvEAqoPyh3-SFjkrqsurjC4oLEdBHlyAS7CLpAg75vrZ7uidDRGGuPPf7MKNmbdYX6yD2ttxugBwV7NpKTFTctCsHZX-aEf8G5AwTVPFMTVBaMmUrQyrRe-ur58d_qiHF2_bSglmMyTSWV77aZnr7U6dG_96XswTScCggXFU-KRW62gVj7Wlcr_VPC4DCIrsW0i-5peHHFN6IGsH9nyiFjVl43b1xr5XYRvTwJEfhxn9Q62kjnb68sWZL6J_p7dC7kMFt8u31T0pxzyFrdKF7apD3G2KnIVSnubZoYRqFE9NjzDKyKNE4fF13OGE0nWfb6z2BVb0Z5k0LufJYXuWpnf_tl6qtekJRy9Yfdy_IM5Niw5CkDhhAjgTeEDLuiVRQD4zoYOeElVKMaOfgje8BPGYoiNrvW02heTdq85TkqqoEKY01v0jWNKKJyw4MYrh640D4k_w_K0RX-IcUjfjnPXTy7ioD2mkZhAUmcLJVEw7O28Cc7cgf__tLKP9F62__44-ZVY9EU-xIFRWE2-PfXkW4nUebiQ-fe1ZfO7vf8L8fhQy_gCYNYOA8FuzpSeFxqPIDhJq4uNFnw5TVWiAdsZJpvosQLDlMVAuXzMnLMhra4NrSYX22yEcmLiT6nS16g5tObOlijtoUp9DbCOZqHVdDgE0cp1oyeUcnoTEUhTJXGM1zF938MTfGn4dAc9bi89zeCIUmkqh2L8K55QWBG9gfvMlKvw0493pUiICZxpSFdascIFPH3hj7DTidmAqpVgYyloWBaiDpr8nDWGYVh757qXjtv0cSumJa_3Z-HESsL2QmKOtsHdjSdqCqZnXpaDmJOf_J6JvpbO8AO8TrXC1KEvek1KsWwIhcUhewMTqe7ajTYxmAPmMuexfUtWNS5AKqz42SHhVMtl5NSRwfjNNL3Xotx6xXx4T27jsrcIC6NUEe5cb93Asy4yEX6ezhiAJ6NKQEn5NU9NNW8MoKgCVxfWEsGlUKuHELw-GkYDsADtk7fNEyzHA7comaQtdrOmPsVvpKhWD7Mz1NIONgf1ny_KPNXIoD4P_s-jRmRt_SEvNN502l0uFEDcj6DeC-HqaL8YvKQKowZGpNhyEkd2Vx8Xo6UQWQxveCyVTEsGmDt7fmKP1jkS4eaPygEWVjn3xdf6jxx1Zygl32juHRmzUnCVPcaQC6KW2982xPE8PdlfJhPWFU6kmT34V5kVg781RP9LRr5h1fa3AjJID5bklssLanjBbULt60DRdmBFyiIxIGjTecZ74JjRTnFwgtgroCxYP-GiKxQowNHIEtRDXNz8UVivaS5j_pWCWSlw1ieafrj-qcvamy93wwRhN7IgRSsY84PJKM1j3BKOHDWkhP1urjoUXxLeFI9_2w3W2z4TjeUa8TntAsFB6l9W46zvLVtXauiRa52GjZF5rt3ZOrkXy9qtTtVH8B5DScCQBeyqg5XIiXMD95Z4-lTEqUWPhpdmrBch1hIKOCzzzVCnnLaBQkWsAxHoNvZBNHlfzBvFvVECx0g06QVF_TCb-YufQtbaAVW_uo9rJ9kn7vJQg-at6hNqlDJi0GaegMGjYwATMkvCSkd1SKKBicSzQnWJjHBIeXtEGIcd8xtBlOilUq54uqgkRZk8aELjt-WGxBqmFOZBy71MDkk3GV4Aa2bwxG4833cErw7_avVbyDQiRNpjSnYMf5CsFDIIZhk6eFh4xrWWiZ9rP8La-yEm6enJqaY8uzGMC9Sk50xwUY1cCv6u7mTg7XgVDsRqN-XZGL5p_VX0TUM9PLn713pbqxQSLgkcHNVq0VCD8j3ARo94Nj3PNlaTlDP1zXsXshf72ZKJljMm3NuQr08uAe-UnUP89Oys0P7qVnkU6CywdnWn2n6zMkKr4gvEI-s31ICHbLOcY5l957TnSA-3m1F1HzRBZqsPt4X5mwoZ1mcbt1TLJyKIBEJ0VLdeuruAmDHG76vLCWIT-ny9LlXqfiqjqwtyXv8fT4NLk88hoGECoupUCHZ2QcFx0KqB4Y32Wf-SNajOLZQ0Sz69za-Q8Rev8gcuTvapj780pMHTIxejW_SvOQgJ3BMGx5sADauMfRqideCqQYruragYj-zJXLSn0mkjQdGH0fNfuiHvuA73ODzdvorwlgid-TbhE7OR7P25PM4h0eXruohc1hfKho73n7rVLOvOn-bQ9hWU3H80eWehyf9IEVnWZaNer9L8mikd9m8vquqGVjoLAAj0WUrLcBU-bajWKc3MVGnzuonuE8WoPseLgu1zFRORhUcOUs_2-nfI59O-VUbk40FHhyGM9PE0Sdn7ZwG7vcg7xx1_wks02nhZUhg9ICSJAi2BatcC6GBF_7FDHkK63fUs7MEZ_IK8XgGRjz6mZzA51zHsyJk1Ytt-YAYkR6A4VelvwkVcgHqOtRp9xULzzrDUaESHZpbn8_hBEJNt-hbT2DSiD4rsBgAyLxPxA93GCTz2YZxhRPQ8NsCukL6trkxzZJOGSyxc-JTJboSKBBMsAWxI4_WFpf0fDp1zlJJ6qdQWBRGGQZKiWo7weZBPjSZv5RtP5HFWwfE&cid=CAASEuRofzNCUYpIdS_Hy7N27UXVuw&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48ea7c1a07806fb3a5016258f7cf407e05d51c43458c7fc8cadfc60cd1b8e979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E58B 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BUG2nuhgGyufJqsahYILBM_nIuPWKfoGasQRx_wBBAB2GDDVIEFvsWQkAsKtCau8vXUrmcYKn7ym6vJK7xbwqy5IP_G8LbmGyDvNMvuvyZARki_Dk

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clk Show response
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302238114;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/ Frame E58B 43 KB
19 KB 126ms
62ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302238114;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmZiPdJOhYNXOMpzH7_UPot-fwAe9t8XMYvmvpcyHDr_hHhABINKPxh5g-4GAgIgKoAHi3dvLAsgBCakCzo_-MHRgtD6oAwGqBPsBT9BA9-ZSRTzRozFX_4Y7wczM07bzW_melTBzWDLxmXDUEyDhrLrlrH571BL073JOInlG7rXHZSGtzv9Raxt4xVkYhTK7h1RBNb4P14_iPHqyHFoFsGmbqrWMokMAa9ifKhgOpKJIE0ND8loMCpY2-X5xEi2OQkvuTLb7A1KJwyQww6SWjFIBup-UdrXzV74S-2ObqTZvCf2B_GFfbmQde39aQgWQNw0JPc6kaEIduoSkLp1SEIdKu1O12qw76My77UpqW80NY3qUu__OIZS2pJavCiFqe_I2ZUYMJYPDjqkM-ulv-WgpguPzqNJ6Mp9OajP4XboY_u-1OpDABPP9mdSuA-AEA5AGAaAGTYAHhqKktAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4TtwwvQEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRofzNCUYpIdS_Hy7N27UXVuw&sig=AOD64_3r23TqN_hYHmQejYwVvo5P_qDpiA&client=ca-pub-6330791094260149&dbm_c=AKAmf-AU5mloWoX4Bg6is0n-9anoD2t0g2X6oAOj_D4nCuhBS5duhwd0gsAtg022vFyshCkkbaB5IVYShIB-GYURED2aqD2vUKH9rUni1i6tjFmonfTEJ8PNkEsTSO8KcUnd-zzSpibjUZRTyLpFRvzbCWENltbx4Q&dbm_d=AKAmf-CUaunIOhPN9soeMfh1jDrbSSwcYv2rlfn1XNQG9XISgqBFakoFpWCsSgUHQ5eqAHcjYapdZvYK9yPUjhrPRMKeY3jU7W2PW9Whhuwbz-fmqYOHsyKBN-j3mYuVUnhXDOJtkifyS71nt0LJE_Q1ii9ihkO2T1Xymh0D5JBQqvq9YoVh4pMymzXAuLwufW7AZYo_M_09RKKJo6SwdJp6QG28iiBVB0QkGNIYWm07FLr9lxCc4mJgGpySr3DFh1sfIgMqb9K0ShWoxXk4RinuwYS502AeYYh513L4RqC81yv72OslhnEfwLJQfVi3tD2ZbDBaRT93RL6t4nmOB6pbMqga5-jBmo76jdWdNvZDrtfn2SXRy8E-t4DSJmsDm89O_VH5uWtJgQaEjl18aFywM2QkE9icB9IuSLKqZdgQo7h7hj4EYHubanOeV2Mm_iGSLEZNz9JHI-EYSMEJwfWIgr7TTey_RA&adurl=;ord=1621201780829269;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

1a3a0566467a354e1984d17459c247951df3206db7a722459809b45e25453cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame E58B 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:48:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E58B 117 KB
36 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame E58B 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:47:52 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6B44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1

43 B
1014 B

41ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiU4-SmATAB&v=APEucNUz6SqQYsnDW5Lc7-Wc7jcFgfs3WN702eoW5GJVwakf_SGkzCcgn5uAKFT-hv112C0FWcBjtAn2Swx0vGEALddJT2zbcsW2IdTuR8qtn-A_Id5_KXkJPsWB4Q09ypabHBdVzSB0a8UYtZIlRH9xryPna-JKgCq-sEhR-BkzExgeHWlklIva-5uZXKKauEjwPLD7mUhuX_W3wS0UWnNDjq6uSWNBDw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 16 May 2021 21:49:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6B44
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKGTddIlRRlIdXgEuvvyngAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1

43 B
894 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiU4-SmATAB&v=APEucNUz6SqQYsnDW5Lc7-Wc7jcFgfs3WN702eoW5GJVwakf_SGkzCcgn5uAKFT-hv112C0FWcBjtAn2Swx0vGEALddJT2zbcsW2IdTuR8qtn-A_Id5_KXkJPsWB4Q09ypabHBdVzSB0a8UYtZIlRH9xryPna-JKgCq-sEhR-BkzExgeHWlklIva-5uZXKKauEjwPLD7mUhuX_W3wS0UWnNDjq6uSWNBDw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 16 May 2021 21:49:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHK4uFKLHF3SxhfeNWLJB0A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6B44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAxs4Ix_ZHtIC--v8OLvPaQ&google_cver=1

43 B
1023 B

33ms
25ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAxs4Ix_ZHtIC--v8OLvPaQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiU4-SmATAB&v=APEucNUz6SqQYsnDW5Lc7-Wc7jcFgfs3WN702eoW5GJVwakf_SGkzCcgn5uAKFT-hv112C0FWcBjtAn2Swx0vGEALddJT2zbcsW2IdTuR8qtn-A_Id5_KXkJPsWB4Q09ypabHBdVzSB0a8UYtZIlRH9xryPna-JKgCq-sEhR-BkzExgeHWlklIva-5uZXKKauEjwPLD7mUhuX_W3wS0UWnNDjq6uSWNBDw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:41 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid: f3d15fb4-69e6-4460-90a1-63a7daf5fb9d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAxs4Ix_ZHtIC--v8OLvPaQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6B44
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxMjg4NzM1NzI0NDU4NDAwNQ%3D%3D

170 B
188 B

65ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxMjg4NzM1NzI0NDU4NDAwNQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:41 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid: fa3e4e11-9f54-4456-a952-2070be5207a2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQxMjg4NzM1NzI0NDU4NDAwNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame E58B 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3-KsTFWbH6UDH8QSriPvZHtNdNpOKTPoQfKmWrRflASmFZ-P1wr0rHnsOK1PwgM417uPKN8HRd9BPfCF0q_5YAY_G1RevhjEfJ1LBvYlSwNe5TbDVRiFV5MmgErxNjDEsbgcaBoElNLcuOKb8G5wXk3uACg&dbm_d=AKAmf-BzDZKn7L9lYUO95XMTnWXXsuww3Pp27AOO7PrbHueXH_m6EXeRAh5ke5_95kx3o29c8p8-FsqoNNXGnJHkrCTE4j0BQRkGCX3iEZpibiHUiTGgutakdzI2YynqKQSa_Ofz2klY-gSKpZl-sOFTnqYBTxw9ggVXDdVphk6nHD53EDZxXsN1ZI3wU6A6vuv-yUhVoZ11h2NVQwgVmBXuTQrwjbU93rbpEbtKFRTYRrIwJjnQm_0PonPTAhB7nBj68fivdKNuMOjtTnUvdIC37GRE6FXCwBIAua2vB1YNjmuBoArwaN4COz8uJwLsYuMo50CF9D-rq3BTJzLuTmEu3Rw8lylfz8Rovry7HPgCwYlZVEuWr5N8SuI08VlWfgBzeW-4-zhbmW1k0bNGvnPcxukUz7zxK3NpdEvTfvp2mIszAUYEc40O1Op7vErSWGQ7I3TdqNJtragnPDXhnhrXVF_fSvV9p4i9XQIHWg-AZYWWTAFgwbCefY0BIsa_CqLULgP79EdDnFo5zDwPahfdUAkxWuuvK3mvPeZIy-0OmqjU2WvEAqoPyh3-SFjkrqsurjC4oLEdBHlyAS7CLpAg75vrZ7uidDRGGuPPf7MKNmbdYX6yD2ttxugBwV7NpKTFTctCsHZX-aEf8G5AwTVPFMTVBaMmUrQyrRe-ur58d_qiHF2_bSglmMyTSWV77aZnr7U6dG_96XswTScCggXFU-KRW62gVj7Wlcr_VPC4DCIrsW0i-5peHHFN6IGsH9nyiFjVl43b1xr5XYRvTwJEfhxn9Q62kjnb68sWZL6J_p7dC7kMFt8u31T0pxzyFrdKF7apD3G2KnIVSnubZoYRqFE9NjzDKyKNE4fF13OGE0nWfb6z2BVb0Z5k0LufJYXuWpnf_tl6qtekJRy9Yfdy_IM5Niw5CkDhhAjgTeEDLuiVRQD4zoYOeElVKMaOfgje8BPGYoiNrvW02heTdq85TkqqoEKY01v0jWNKKJyw4MYrh640D4k_w_K0RX-IcUjfjnPXTy7ioD2mkZhAUmcLJVEw7O28Cc7cgf__tLKP9F62__44-ZVY9EU-xIFRWE2-PfXkW4nUebiQ-fe1ZfO7vf8L8fhQy_gCYNYOA8FuzpSeFxqPIDhJq4uNFnw5TVWiAdsZJpvosQLDlMVAuXzMnLMhra4NrSYX22yEcmLiT6nS16g5tObOlijtoUp9DbCOZqHVdDgE0cp1oyeUcnoTEUhTJXGM1zF938MTfGn4dAc9bi89zeCIUmkqh2L8K55QWBG9gfvMlKvw0493pUiICZxpSFdascIFPH3hj7DTidmAqpVgYyloWBaiDpr8nDWGYVh757qXjtv0cSumJa_3Z-HESsL2QmKOtsHdjSdqCqZnXpaDmJOf_J6JvpbO8AO8TrXC1KEvek1KsWwIhcUhewMTqe7ajTYxmAPmMuexfUtWNS5AKqz42SHhVMtl5NSRwfjNNL3Xotx6xXx4T27jsrcIC6NUEe5cb93Asy4yEX6ezhiAJ6NKQEn5NU9NNW8MoKgCVxfWEsGlUKuHELw-GkYDsADtk7fNEyzHA7comaQtdrOmPsVvpKhWD7Mz1NIONgf1ny_KPNXIoD4P_s-jRmRt_SEvNN502l0uFEDcj6DeC-HqaL8YvKQKowZGpNhyEkd2Vx8Xo6UQWQxveCyVTEsGmDt7fmKP1jkS4eaPygEWVjn3xdf6jxx1Zygl32juHRmzUnCVPcaQC6KW2982xPE8PdlfJhPWFU6kmT34V5kVg781RP9LRr5h1fa3AjJID5bklssLanjBbULt60DRdmBFyiIxIGjTecZ74JjRTnFwgtgroCxYP-GiKxQowNHIEtRDXNz8UVivaS5j_pWCWSlw1ieafrj-qcvamy93wwRhN7IgRSsY84PJKM1j3BKOHDWkhP1urjoUXxLeFI9_2w3W2z4TjeUa8TntAsFB6l9W46zvLVtXauiRa52GjZF5rt3ZOrkXy9qtTtVH8B5DScCQBeyqg5XIiXMD95Z4-lTEqUWPhpdmrBch1hIKOCzzzVCnnLaBQkWsAxHoNvZBNHlfzBvFvVECx0g06QVF_TCb-YufQtbaAVW_uo9rJ9kn7vJQg-at6hNqlDJi0GaegMGjYwATMkvCSkd1SKKBicSzQnWJjHBIeXtEGIcd8xtBlOilUq54uqgkRZk8aELjt-WGxBqmFOZBy71MDkk3GV4Aa2bwxG4833cErw7_avVbyDQiRNpjSnYMf5CsFDIIZhk6eFh4xrWWiZ9rP8La-yEm6enJqaY8uzGMC9Sk50xwUY1cCv6u7mTg7XgVDsRqN-XZGL5p_VX0TUM9PLn713pbqxQSLgkcHNVq0VCD8j3ARo94Nj3PNlaTlDP1zXsXshf72ZKJljMm3NuQr08uAe-UnUP89Oys0P7qVnkU6CywdnWn2n6zMkKr4gvEI-s31ICHbLOcY5l957TnSA-3m1F1HzRBZqsPt4X5mwoZ1mcbt1TLJyKIBEJ0VLdeuruAmDHG76vLCWIT-ny9LlXqfiqjqwtyXv8fT4NLk88hoGECoupUCHZ2QcFx0KqB4Y32Wf-SNajOLZQ0Sz69za-Q8Rev8gcuTvapj780pMHTIxejW_SvOQgJ3BMGx5sADauMfRqideCqQYruragYj-zJXLSn0mkjQdGH0fNfuiHvuA73ODzdvorwlgid-TbhE7OR7P25PM4h0eXruohc1hfKho73n7rVLOvOn-bQ9hWU3H80eWehyf9IEVnWZaNer9L8mikd9m8vquqGVjoLAAj0WUrLcBU-bajWKc3MVGnzuonuE8WoPseLgu1zFRORhUcOUs_2-nfI59O-VUbk40FHhyGM9PE0Sdn7ZwG7vcg7xx1_wks02nhZUhg9ICSJAi2BatcC6GBF_7FDHkK63fUs7MEZ_IK8XgGRjz6mZzA51zHsyJk1Ytt-YAYkR6A4VelvwkVcgHqOtRp9xULzzrDUaESHZpbn8_hBEJNt-hbT2DSiD4rsBgAyLxPxA93GCTz2YZxhRPQ8NsCukL6trkxzZJOGSyxc-JTJboSKBBMsAWxI4_WFpf0fDp1zlJJ6qdQWBRGGQZKiWo7weZBPjSZv5RtP5HFWwfE&cid=CAASEuRofzNCUYpIdS_Hy7N27UXVuw&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 13108869059872076478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:46:51 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E58B 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221581
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:16:40 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 91A6 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 15 May 2021 14:11:47 GMT
expires: Sun, 15 May 2022 14:11:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 113874
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 91A6 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 17:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 101034
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Sun, 15 May 2022 17:45:47 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame E58B 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 20:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4858
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 May 2021 20:28:43 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame E58B 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302238114;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmZiPdJOhYNXOMpzH7_UPot-fwAe9t8XMYvmvpcyHDr_hHhABINKPxh5g-4GAgIgKoAHi3dvLAsgBCakCzo_-MHRgtD6oAwGqBPsBT9BA9-ZSRTzRozFX_4Y7wczM07bzW_melTBzWDLxmXDUEyDhrLrlrH571BL073JOInlG7rXHZSGtzv9Raxt4xVkYhTK7h1RBNb4P14_iPHqyHFoFsGmbqrWMokMAa9ifKhgOpKJIE0ND8loMCpY2-X5xEi2OQkvuTLb7A1KJwyQww6SWjFIBup-UdrXzV74S-2ObqTZvCf2B_GFfbmQde39aQgWQNw0JPc6kaEIduoSkLp1SEIdKu1O12qw76My77UpqW80NY3qUu__OIZS2pJavCiFqe_I2ZUYMJYPDjqkM-ulv-WgpguPzqNJ6Mp9OajP4XboY_u-1OpDABPP9mdSuA-AEA5AGAaAGTYAHhqKktAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4TtwwvQEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRofzNCUYpIdS_Hy7N27UXVuw&sig=AOD64_3r23TqN_hYHmQejYwVvo5P_qDpiA&client=ca-pub-6330791094260149&dbm_c=AKAmf-AU5mloWoX4Bg6is0n-9anoD2t0g2X6oAOj_D4nCuhBS5duhwd0gsAtg022vFyshCkkbaB5IVYShIB-GYURED2aqD2vUKH9rUni1i6tjFmonfTEJ8PNkEsTSO8KcUnd-zzSpibjUZRTyLpFRvzbCWENltbx4Q&dbm_d=AKAmf-CUaunIOhPN9soeMfh1jDrbSSwcYv2rlfn1XNQG9XISgqBFakoFpWCsSgUHQ5eqAHcjYapdZvYK9yPUjhrPRMKeY3jU7W2PW9Whhuwbz-fmqYOHsyKBN-j3mYuVUnhXDOJtkifyS71nt0LJE_Q1ii9ihkO2T1Xymh0D5JBQqvq9YoVh4pMymzXAuLwufW7AZYo_M_09RKKJo6SwdJp6QG28iiBVB0QkGNIYWm07FLr9lxCc4mJgGpySr3DFh1sfIgMqb9K0ShWoxXk4RinuwYS502AeYYh513L4RqC81yv72OslhnEfwLJQfVi3tD2ZbDBaRT93RL6t4nmOB6pbMqga5-jBmo76jdWdNvZDrtfn2SXRy8E-t4DSJmsDm89O_VH5uWtJgQaEjl18aFywM2QkE9icB9IuSLKqZdgQo7h7hj4EYHubanOeV2Mm_iGSLEZNz9JHI-EYSMEJwfWIgr7TTey_RA&adurl=;ord=1621201780829269;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:47:50 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ED1F 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 16 May 2021 03:14:09 GMT
expires: Mon, 17 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 66932
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E58B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27a6c243672ffb51b1a582fd5a4b3eeaff10901a70890f56f14236b0f7bfd867

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7840 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 15 May 2021 14:11:47 GMT
expires: Sun, 15 May 2022 14:11:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 113874
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 5 KB
2 KB 21ms
6ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b34626df06b7e8b2d19b296f48b78a070629defef7c480d4612c941aa1aaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1527
date: Sun, 16 May 2021 14:08:21 GMT
expires: Mon, 17 May 2021 14:08:21 GMT
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 27680
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E58B 0
528 B 117ms
59ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6Ca6Ru_41gu2GKwxAHoFEPNPDSBEZkRFMxe4HSD6KV5cxmF9y8Irlas4U45NXN-ciLcA35xPMsrNopKk1ujUBb-KdDNOZjsuq3R-Jv6btenHM4C79f-3GxfAL7-ZcKhVDLpKOzUGkw5wWe8qYvmVZLxWSaT8iOx7sp7DgTQuK7Jsfg99y5XuoqlnPOr4M-8O1631FuZYA1FEIXKxe&sig=Cg0ArKJSzHf1grza_d6_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=74&cbvp=1&cstd=72&cisv=r20210511.90341&adurl=

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ED1F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJ8OSZZgMWN-Cl3LTlf8AG4&google_cver=1&google_push=AQvitUKHKhSWLOHLbaZYQnX1_JVTjQxmipg7LPT6-JfhDSsPNdPQfc0bfr5tJ_N3ROHBrmEpdGVuf_xXDY5_-HTCB3IAjMRGTJbK
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A66B51EAF2FA46FBB8BEF47461E25688&google_push=AQvitUKHKhSWLOHLbaZYQnX1_JVTjQxmipg7LPT6-JfhDSsPNdPQfc0bfr5tJ_N3ROHBrmEpdGVuf_xXDY5_-HT...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A66B51EAF2FA46FBB8BEF47461E25688&google_push=AQvitUKHKhSWLOHLbaZYQnX1_JVTjQxmipg7LPT6-JfhDSsPNdPQfc0bfr5tJ_N3ROHBrmEpdGVuf_xXDY5_-HTCB3IAjMRGTJbK

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A66B51EAF2FA46FBB8BEF47461E25688&google_push=AQvitUKHKhSWLOHLbaZYQnX1_JVTjQxmipg7LPT6-JfhDSsPNdPQfc0bfr5tJ_N3ROHBrmEpdGVuf_xXDY5_-HTCB3IAjMRGTJbK
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sat, 15 May 2021 21:49:41 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame ED1F 70 B
265 B 161ms
56ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM6-nuI6KpH-3sBVBB8Ywic&google_cver=1&google_push=AQvitUJjAyFnipEdeKMYRGrS1URTMSwpdoPX0JT1i1SikHsB3DYrlOKYSpB0HPl0szWxvURUpYUW5SFXo64ZX-NDliWSqXrHf8hy
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame ED1F 0
191 B 93ms
35ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENJvAa3k6f7tDC6vr1BzwPk&google_cver=1&google_push=AQvitUKu9pwW4HO8kSh5-7M6rbp8xa9llf1_MO7wTwV38ATu__bhIV00YyT_lo96McSLmZkkahgOpqJAx-AxwNWQz4yvSjCgpfxT
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame ED1F 0
135 B 66ms
28ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEBO1bClo-5tCqOayAm1A7g&google_cver=1&google_push=AQvitUK4KB4vZJhifQWr9rbdiB37rCXZtqBmymldvCQ83JdRh3ozhP9mS4ArWIigBg6nDiDn2q9MlHAW8v69PFJ2fGz203GvxAZY
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
via: 1.1 google
alt-svc: clear

GET match
um.wbtrk.net/doubleclick/user/ Frame ED1F 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ED1F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECetwBzPZhOFGKFzAs7AjRI&google_cver=1&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHT...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECetwBzPZhOFGKFzAs7AjRI&google_cver=1&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHT...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHTqHC7jHw-BaK&google_hm=e08cbb448bbe42f0b7252a4e

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHTqHC7jHw-BaK&google_hm=e08cbb448bbe42f0b7252a4e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 16 May 2021 21:49:41 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULuwwTYBYLmc5-cY1WZVT8ro5ma59rF_YKBU-aIi-mMSXDpqjhaQ6A5eE4z7iqnnjYipryAz042MbW2QcYHTqHC7jHw-BaK&google_hm=e08cbb448bbe42f0b7252a4e
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ED1F
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBs55RLOvu8sgV4OS9blwJQ&google_cver=1&google_push=AQvitULmZpxcCNdYd6UuzzmCii_KyVuK7nd6K8muRmpT_sCe11s3_2JtUDcaOLHBD94IKEbst0XVwa7FGHX-EKHd...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULmZpxcCNdYd6UuzzmCii_KyVuK7nd6K8muRmpT_sCe11s3_2JtUDcaOLHBD94IKEbst0XVwa7FGHX-EKHdmnxis8Ma3u8

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULmZpxcCNdYd6UuzzmCii_KyVuK7nd6K8muRmpT_sCe11s3_2JtUDcaOLHBD94IKEbst0XVwa7FGHX-EKHdmnxis8Ma3u8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 16 May 2021 21:49:41 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULmZpxcCNdYd6UuzzmCii_KyVuK7nd6K8muRmpT_sCe11s3_2JtUDcaOLHBD94IKEbst0XVwa7FGHX-EKHdmnxis8Ma3u8
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: wURQJHbXnvz2dmzJytrUVCXoDEANl932J0hXBrHQVLQFxSNKWhlIlQ==

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame ED1F 0
12 B 33ms
32ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LD_QlIkSf79sDequ2tI1b-JxNPhqUdSvoyZT8NSAvwfbzlqN7jTO3prz5bDno-Yfhc3MLr

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 carta-science-narrativa-origem-covid-teoria-vazamento-laboratorio.json Show response
json.gazetadopovo.com.br/mundo/ 34 KB
7 KB 9ms
8ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/carta-science-narrativa-origem-covid-teoria-vazamento-laboratorio.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afddb6162cf876aa5b7f7824c3815df516b449fe43599a38284a13205b9e9945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"257f935758d8d127352db9f2d7d816c6"
age: 262
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:04:12 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: a640rR4Lr5E2ZcdLmnbjrRjnxfl7tfFidKV_KnCsQJrc8y5kq5MvBA==

GET
H2 200 para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json Show response
json.gazetadopovo.com.br/republica/ 25 KB
7 KB 11ms
10ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75357fd177a0be860b0bae619682348a1b9bde0f8e2ed53fb68f44fdd3a33438

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5177a8d0c220b4f3e830bcbb1f22e407"
age: 262
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 19:50:56 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: hJPzwyDLea0L-o_Ow5kxCmybLtNtXIEtz_D6KnU1jS5yhmf-RO1wQg==

GET
H2 200 morte-de-bruno-covas-odio-politico.json Show response
json.gazetadopovo.com.br/vozes/diogo-schelp/ 64 KB
9 KB 11ms
10ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/diogo-schelp/morte-de-bruno-covas-odio-politico.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d9513f328a32e8228fb91dcfd1aba8668faa83864292fee0c9f8cd0dfe736f1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"11546dbbd6d3264b8c25e75a238c257d"
age: 262
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 17:13:57 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: pHoh5d22nqtPTKPrsRECW-ouLH5TvZWzUABTPFwwLSggelv1cavYMw==

GET
H2 200 quem-e-ricardo-nunes-vice-de-bruno-covas-que-vai-assumir-prefeitura.json Show response
json.gazetadopovo.com.br/republica/ 14 KB
4 KB 9ms
8ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/quem-e-ricardo-nunes-vice-de-bruno-covas-que-vai-assumir-prefeitura.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ab3cdcdd5a48379783757d3ea93f0fea27bf0a101deaa60129dfd9603f3f6f9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ae2ef194553f61e80ce6edb07132ef92"
age: 262
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 14:37:11 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: JiG57ygH5EI5Qo_mFPjV2NRAe79kiATFe5NyPhN9pzinTZAbZDq3Ow==

GET
H2 200 bruno-covas-prefeito-de-sao-paulo-morre-de-cancer.json Show response
json.gazetadopovo.com.br/republica/ 17 KB
4 KB 9ms
9ms XHR
application/json 2600:9000:21f3:c000:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/bruno-covas-prefeito-de-sao-paulo-morre-de-cancer.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e7dc002385b9ba6e6d5535dc6819e1366acb49d4811ded8f58372572a9ee14b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"2375c2cfbd6931419f6b7b033c7e703b"
age: 262
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:24:22 GMT
server: AmazonS3
date: Sun, 16 May 2021 21:49:39 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: vw4JPNc9yiXODzXgGJXUovSTx7EGRRCXWvxuN13ssW8b9pcVIxCELg==

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame 28D4 6 KB
3 KB 868ms
199ms Document
text/html 200.147.166.107
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.107 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: static.dynad.net
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=448131621201780898
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sun, 16 May 2021 22:49:42 GMT
pragma: cache
last-modified: Thu, 13 May 2021 01:33:31 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 492.000h
x-varnish: 82597229 58542431
age: 332171
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame D8AB 53 KB
18 KB 1052ms
384ms Document
text/html 200.147.166.107
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.107 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: static.dynad.net
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=448131621201780898
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sun, 16 May 2021 22:49:42 GMT
pragma: cache
last-modified: Fri, 14 May 2021 17:18:38 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 582.000h
x-varnish: 98299935 77481043
age: 189064
via: 1.1 varnish-v4
content-encoding: gzip

GET
H3-29 200 DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7840 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 03:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 65992
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Mon, 16 May 2022 03:29:49 GMT

GET
H3-29 200 style.css
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 1 KB
559 B 8ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d014fe20933612bcc800fcd866327836eb165d15be6360bac248c519ce141fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 14:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27680
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 17 May 2021 14:08:21 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 2 KB
603 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b4f3d9a482315852b45392fae2cb7f06373674eb4a3fbaafb7c6f7ea17a00f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 14:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27680
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 0
last-modified: Sun, 31 Jan 2021 23:25:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 17 May 2021 14:08:21 GMT

GET
H3-29 200 tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BE05 110 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37930
x-xss-protection: 0
last-modified: Tue, 20 Jun 2017 21:14:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 21:49:41 GMT

GET
H3-29 200 back3.jpg
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/back3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce76c1a5edbfaa86d3d95d93c25a5a8022c70bf53177acee5067c1dfc85fda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:57 GMT
server: sffe
age: 29691
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26721
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:50 GMT

GET
H3-29 200 text4.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd57db2457291c5e7b829b76a495abbc7cd5d149a65209f1013ac7fd80353630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 6 KB
6 KB 19ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9f1b00b41d8f26f6b1861605f9d0a4deaba1ba5cefdd5563ae71891b46a88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 06:48:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 54076
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6054
x-xss-protection: 0
expires: Mon, 17 May 2021 06:48:25 GMT

GET
H3-29 200 nissan_black.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 1 KB
1 KB 22ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/nissan_black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37bc97ea35a020adb37d83ea9b4c63dc4ca34cc8ef9ba731e15a7914a3852b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1492
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 back3a.jpg
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 27 KB
27 KB 20ms
16ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/back3a.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2accbcd4db6f651afc7dc798ba46e1c826bbbebb03a089de2c39388a6748748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27431
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 text3.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 1 KB
1 KB 19ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

123ee0825b070529e70d7a127a533a8e33f7f6e0b004bb1b368ce7d78fd0cca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:57 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1225
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 text3a.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 2 KB
2 KB 19ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text3a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f0ac3e7e1d780529840e49909253f122e5b56036832b19e034fa3289dc95355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:57 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2520
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 text3b.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 2 KB
2 KB 18ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text3b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194dd165a2f7fa82f65c2d5e4eabb13a352d6cbdb24ea248dee23a92058a36ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2267
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 text3c.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 3 KB
3 KB 24ms
21ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text3c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e220ef583f653ea5dd0ad93e7ed543097839c1752591d4b7ecb5bd46c25e2769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3169
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 ml.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 400 B
422 B 24ms
21ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8adf7b5c55881bc2c83bdc0e5b88d82cfa037700b6fb944427e4b333a84562ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 back2.jpg
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 16 KB
16 KB 22ms
19ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/back2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd60724cb9210212ed76686b7e74dce2c2c7cfa5fc7a5408c4b75fec59cfb1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 text2.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 565 B
587 B 23ms
20ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2ba9ffa08b8c4d5ce2ea6c83f0223e1cf987602d7fbcd56bfe3e8cc60be773a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:57 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 565
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 text2b.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 1006 B
1 KB 21ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289fb9eed8d8ebb41e4a1ed1e50fe919a7dccebf01e01480312b226e2aa4a93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:57 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1006
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 back1.jpg
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 25 KB
25 KB 21ms
18ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/back1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c40b9ac364e7c77ac95e53a6b382d82a2fa966722d2e3a0cad83474a4feb53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25890
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 text1.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 480 B
502 B 20ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d6fedc4798eb727f5368a1764f155c0482f111c8b573dc17834b3939ca1ee43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 480
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 200 logo.png
s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/ Frame BE05 4 KB
4 KB 20ms
18ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40ccd6bbb4279e57d63e1dba047c33455247a6eca6571f35d59e9c9afd574737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9929072/1612135556481/JUKE_CONFIGUREZ_728x90_02/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 31 Jan 2021 23:25:56 GMT
server: sffe
age: 29690
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3772
x-xss-protection: 0
expires: Mon, 17 May 2021 13:34:51 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91A6 0
20 B 49ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1MyxdZOhYMiECuOqlQfmwYjAAgAAAAA4AeAEAg&bg=!np2lndnNAAY59bwoOfU7ACkAdvg8WlnHYiBEz7Bl_4eVPRk13GS51--BsM_hSS5H5ZxksOZYu6YKpAIAAACqUgAAACRoAQcKAGMQB6SDaUIaFDisTTgugxSEKDa0SsUNwULPgXsTkywhgkngX1BNDtkk1KDwApr55ajWq3JdGID24F96yZ7hU-WSC3jfMctCPtlBtUntBL6d9NpXYxDPg1ifNAUkHUBiUUVtAW6ZAo_ggNBZpMYAAKtVvuWOsT-VUc27ofVFHVNmQ_95g9_kSPG9FgvS2IPjgK6cEYAxo9Ts6ytu-HXobsnkswJwCV-tzMOgOlQ2-UmLL1lPNu7dp77-T8sz8QmaK0wpJR96oNw-4bCiMhOU_QGJzlJQwQ-WBxpPIeM_Tw3FtOjKRyZ8AQ5xElK3xLprBC0WWsX4pfwaoPkm3PZoXkX6R-pF49GKzP9gZR-ScQY_DN5-30HdYc5nSyBc95BXtGjZgZLUWtL954dHMs7YsUHZ3jZFyKq_GbcErYuCnMoYZwKBNG9yekZ_B90KeyNZInoplQWqfQhI2-IW6J9oudu_YLzLGWTJfV0sT2jgKxitVnc8hmYpwvpQrsGNzAkrQRE2zqAzEFbhlzgCeZsuGUzL1G9m8vmgYDywuA_V7fWc90qWhxv-58QETDVIFfIKwx6t8i2CrjS5Eg--D0mKvrw54doDTzyeJ14DWaoBMP3apCBWHzB8ffqqV2IJiXhGAQAsX6eUQZjpAfzuifpzAM9Y0BlTSt-2EGKGMWhWEwJX1JBLbReIgHFc95FKG2mJAa_cfsxSHKHUnrJqDjyg9xNyLHI9TuUiKD5hn0HeFqpaDJ3fNkBXy0xVpPzKdE06X_z7dKDQ9fLwtLjq6XpIW6twUW3I_-JYcupH8Z_XUWxTOHctVDtoeiTtULEewggKsS2bHWdMudUTCj7ksWTL6YjYuvLu1dM_58TXeP_F-c5sH8ujL2LEHV0PwZbacM9ozLS9EEaVBjBlrSvPQ6nF4wHL5hFfQxU9fmcoyFdWeHX0-sIl0gWDf6V7DcVO-jwqSfGaadDI010FMEWWFg27WT0_AdIuJPvXY1wN8Q_aww_MmDWJNH7a

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame E58B 0
23 B 95ms
59ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7840 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG5M6dZOhYOf4DfWqrASg-7TgCAAAAAA4AeAEAg&bg=!iomlic3NAAY59bwoOfU7ACkAdvg8WjfuS6rHj8HKeL3qIPpaAo30_JUJcPrGFOXQKDJLpVSF_4dc-wIAAAB2UgAAAApoAQcKAO5KUv3UI8YKFVntwJcJwRt-bbJIjLnp8ODqx48Ksj-TXMj6gPaAcaesNzlZRghMRDySv4WPKpDmXDlmU9s_AdOn6-O3Vq46sKUhQlN-QeBjFSIKoukfTrySwMnQiCDrNAbKTgEOG20PEbD7HzbVnD98Nu7NjuHkOTOaraMNwatryK_wmAHQmTGLVX-A7CyjzHx0tuwLB6d7rqSju6n8tk2luILbv9fK76bFG2bjSgj7169Ff4tPXikBLxigVYSo9HT3qtZ_QPTIcVYBxQMs6oiJvNI-Cuhkj7zoUvUXWEnUrIc_32m8jyZyMN-kK6uTmQKMzY9jzxIEqbf9Td3YmrYBmaz6B0Vm9DLTPXxSwatVdYrAbxqEs1of1zKjkBWYk6mg8oyiX2cH9hg9SABz3oP1TxfxpNDApcypZGaoZcjFlh62ThHVuDhB7bi5nzwcGMNFnCQKODb4dkXkiRG-gLVDlo1_pNIesx77mlxqe3K1RsFxrJofDwkk4--_7BNACnmOQydCVg8QnOWOPy1PmrYDf8Ok1y9HdEsaDBUK3CpB91sVs0E1MGFSEqzFgMQWJ0qTw6An3rpwf5KE2JKYScCGBJMANmNOXSDwOWs_qkh5__ZX1Kdx5oODy-EAGCGvQcUnjMnXsqOtbCsRvdPriQtYgUsvIHQAIbhWDztU7ZILsFEwvtXPXXsVX3QO-RQN181mDxaElQbNy_GlZG15lMsyzMGy9STdsvcsDEVu64_-JJuollLvtwowahRBDs5clM6uYTkS7UnJfup8F99D9EhySWaDB10LPhi1caZK6jWxnsl7M6lCZblXiFAqiZnI-wKeDRrXcgh4VToT947H9865--3TBToZg23Dk0gc8Om-oC0E6ZRBhZz6FaUUTvT1eDzWfWbxmptWugU1GszsOqg9evekSDODvahVQxTtRKH4ICe6alECpNmgWyR6xaKu5S4jtFezO9XkJ8UTDT2UZxp5ECB1Ifx9l1qKn3_Es5fjBQUNZ8wEKHdK1mQZzq8M6V3vmcMkvjHzulcT-8m44klf7ayIPDPQK-_uyuzRaY2Qo-OG6v6m84Yt7F2Ytf77Yku4y0dEZ-HK641HoJ88xb1_G7zVbIDLwsJpylJglXF-ucU9WNdJCbShos3rkL21-5kQcwQWOpkEZkuY8plj1IoNnOpFSeyszu55-PGV0A

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FE5 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 16 May 2021 21:49:40 GMT
expires: Mon, 16 May 2022 21:49:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5D63 624 B
369 B 17ms
16ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7YnZAhiDjounATAB&v=APEucNVlDE1R_4slnR4jl8iOO14TvfLDugAJA6agEryeNqw_WiI3svLpTJsh-rtfxMHLESksxipQGczzyesGoVBxYuRbNNrDVM11dbbywXeIlL73cTV1Kw2-HgMaJNOYgl7Ls66M2Gcn-zCOKJ_bFyPc3RmFE5ls-7O_Dyg4XEFdq6gVR0wsFeH5sGYv8qExXYCRBb2qC2jmS54kwbZUlXkbs9NYf4fEbw

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNyuyAIQ7YnZAhiDjounATAB&v=APEucNVlDE1R_4slnR4jl8iOO14TvfLDugAJA6agEryeNqw_WiI3svLpTJsh-rtfxMHLESksxipQGczzyesGoVBxYuRbNNrDVM11dbbywXeIlL73cTV1Kw2-HgMaJNOYgl7Ls66M2Gcn-zCOKJ_bFyPc3RmFE5ls-7O_Dyg4XEFdq6gVR0wsFeH5sGYv8qExXYCRBb2qC2jmS54kwbZUlXkbs9NYf4fEbw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlVjj4u7KVPriULUm68vaNB9XAu4cnepQAesWJc7p1CyarrMNQ8nS1xued4_x0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 21:49:41 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2FE5 23 KB
12 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2CWRAZftq7wtyhGi1_EfYh3sDCE1BJ_bPP0b9sIpVGRz-5sZtKMvZSh28POr9zN3bLnRB4INC-h6TjCB32IP8B5hqDQz81XaS9fJL1CujRlXCj1hiGhdhD6u3cmMt5X4u59clPeR4t0LJtZLyWiQTEpJ9LA&dbm_d=AKAmf-CL7UVmi2NiAVNwmtY7ihytRvrl7WyB2SP4nXyg741tcm2jW0c3fR4ZO3EuYifQyXnG9pEbQZdXzZRhPbC5a_kMpfpWVaj3kxhcz65qWszfHIgRrGxZmUrr_oaRFbrJ6AOXUoUYJvtES495sEMB9vyGAdeILPn5J7Kmze8hePvLadsjCQsaNFczt3sH7Xo4gpjGXnGXbsPy2gzD-V6AEw4WcrGNtabOqFCiwsIMWtl9cnPObJAK-DliBq5y9nW2w6BcVuIpT35_edqdTRWEOsBXngpQPadXqkytdbjBClfuGDv0e1TLSkMvHOWVjvGK3Di7S07DHluBKHaW_qtp2BCHZPm4jiZX__VLaq_azCuZ_ifaZJ6_gGslwraKpGosrW8FFrYXsbO5pdB64VagIAY_BUpvgnb1Wf5rpk_uySWmAEdPnTGqN0lwGXng6802C0Ii_tvmGJ7TbzVSxpbOkFiiPlU07N_fX1SJBVUwvj_mr7SegrzLqsdq-gG1s7yL-q6a0nxx0O_QHSMuuapyRnGpAeeoVMBEedkuBdJA1Igkd_LYddGDERKPdH1fbmUd5c1jkvwupFVCwTB_3HvWna2CTVYKMGgH2Ly1KB50bVJw3_FVmkEKbUXPzdfc8MB1vx4Tlq_K3jUGQDYgPQfD_JbZhz-LxExIXMaigX5V2tLoln0YbVH4X4LKFDlqo3dqO4pT7L6PrXg9vfwkthiDSgxrtiTNfs0r-EovPMLjtnfXI0OAOP-myFraMqRFlTJooukqDh-F3NwHiFI-XEw3xzcBzOV8IAg18LsY9py_Lyrz83uERbLnZnQB4R46RkEuTI_GFlltQvObCQy2gPZJFBes9OW17Ow-HhiC9kmwAM-399xEPPeW1APTWmBYs6ziEmYZS32_ghX7X2bwa3i9vCRHyr8gY-2xH-J91gPBMI56BWj0ayt5MBCs0PxRgqyZYI-p6x42iuJDx5R0pUSvKpJuTaN-YPdn9mAi7iapZuerVms_AkbldPoeEOb_9qeHIJGr0m3ESH6K8Ub0XTToWeouwoi2Oy_sahY-OOzbMypLyZyB4XYchutb604N8cJlJkGl1NV-duyCuUSzJav4aiA89XeLvfVAin2OPOlUa8YalXMFDJFKwDQ7BDISjGIrcujWsU-1fC1jaPLDjBXmf5XKR0WemkHYrbRFUDO8O0Zmzv2RLGBgqzZarg9l6SzkHvn83FrLOt_pxq7r3pCm7yji3qm25We0OuSWzkXnsZeHIM6-0cit_gZV7a3XwuisRhd7n0qTwg9lLgzV2QiUCN6Zo45PfU7BpnFemVxT-BRfv-rFWkal0aGyxDMZHB6pwZaWsIwV4JJonRKNSedrkE_gEEfqMp8d77IEaRgEq8lXXk9B8EJvZDSTqMZQOSzVpFYru5xUszj6EjwQAkno4pR34WIyhRkSvXANEivayHtVKVmzl7wftX06qy40byYJQiFNMGhtrWyKHCje1rH5liGqqW-hTGaXqICHysXoSAegj6bRqapSTyzW7avI0ZYyo20QxKq2xtKXGqXSqYK2ues7RbgHfvuCeioFarKPPJvTw4qD2RdO5gYrHLiJFKbj_69hdsWL39SPn2Gp1FLR2Yt8ePWoeAP_60wo0e2DB130Uck6Ijf0eRX2IJtXfNTdor9aNwfRN4bmCUTUCH9C91f8OHrlb_5zydCTOYIqWuT1mozEys22Zo6Qh7ljXupyjnlPXeRqL9bTbgogHZeNLpAXQ6IX8LnwADZVhpZVikILvVLuTyVWA8Uh-MlDeM1LO4LbgARC3H6EOeZKXAe8mdoqUEQU6m_EeoN2yv_ZkjucaIkxzIja26gNOssp1LlxxKNGXKDlXadhoDGfssY6LZHxOULZ5ZoVHkLzAbs7onU7yXDzdndxvGkyEz-yqnM3_x7WDx4tz1oisQaMUKPekxiYutGTuvfOtuoVNTn96dMm9CsJRM92-Jfc3CpW4fA8C1vt4zDpae_GG36Y6OpyKuOBAgRnd39t3FXKeCw-Mo8JSVBbGejvvU3DR6PA-_02-r5m3i5yFgsJ_AN8riEffBsqTFn4-sLF-3UhLigX8vcwJs0IYh5Oazvghsr6UkvaQLkJQF1BPdc-37LeE2YyiQ-JqvgkjLAa8t8ai2WQ6m-e3fsqOIAFZh4ql47f2llR9RUAVQZwmxCyisESnOezW5M0EX4XEVFiJP48Kz58pkclZGgXY0_-kPpjuNp6MnGfoL0JkPhdL63tm_Lsu5AZLDwthU8L6tdKeWf7JlA785SWHgL72591OmfGb1VGFogmDStSrdmFJ4vrKQcvMAohXCW2CBrGLK6mnFfTUvTyMAsclKRKDI1878BAo541koyETAuHLtxgHQEaWhhbya9OK2d1A2_1PCFQMXOx544wwwKBecDujjDEyuTQMezo_d1wx5lh88-5BaZ_aKfS8KPVBx3WMdgFLLLd1ydkaQDqgzxR17-Ue4rLXBnu03jXYfVYaGxLyISLlg4YBWepCimHZTbIypbLttBkI3cC-dY-1QbXpkeOE0Azn9PkiP4lL-D1QIEM1PFDW0iZmlY1xdMnGKlkFNNnNngaGeCBqbKYX4r3HS7-84XuxMT8ZNJ9yBebvWdk1WI6ewadcDCdFb0CzDQOhdMD0EZ-0LCcTR15qqoscoTwNHuyMf06mvvcwHtvAn5QI_PlhT1OEINhMIQxkWTSlor6F03SRJVA0hG7GyFWPu2n_a-ja80spVlB0cAqVVAVkX2-WPG0cXSrbaCX1REL2ztPCblaOgFtFSFfHdZW6OoilcXm7FSPc6lUSVQAb0r_l9QsRzkZFKvqyZmWcBARQP1_qKC_32BNYDMt4BAqhQ90XMuGQrysodPTK1sscRJr1f4C6DTW3m0vmbbm74z3pFU1PYeLdpc6FqjgoiUfsM81yylcFVLvAWQAy94y4phsi0hht-a3woMF2IqM4m580hCPgjZvPO6tC1R9y1p_akoPBZ4NK1b1xG-CseKech5soyTB1dDIwk6TE8lmpj7nYCcqR2RBRlbtLy14jjk0SWLZADM&cid=CAASEuRorRXHobZZJ_QWmw9DTxgqew&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0cba0585f540d99fb8ba968e67bd20e1f55b3ba5838dcc0ebd869630d868ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FE5 42 B
173 B 42ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8dhfU1TOcrJ-6MOU5O7WCJ90-cQVOo1tGp8IRKnxkQ6tMgPYGR5k3P059u6s5_aetybzRSoRYOH8xCW2-NRjFYZuJbLBexkR-EJqNOOl7NKMWE3U

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2FE5 8 KB
4 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cd20f7f3eb62fd36c0bcf3021b9cfe55bb84da873ea1a88717c61ef90dadf1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:35:37 GMT
server: sffe
age: 2116
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3762
x-xss-protection: 0
expires: Sun, 16 May 2021 22:14:25 GMT

GET
H3-29 404 mraid.js
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FE5 0
0 16ms
14ms Script
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/mraid.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: sffe
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1591
x-xss-protection: 0
content-type: text/html; charset=UTF-8

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/706877/54379466/ Frame 2FE5 45 KB
13 KB 123ms
52ms Script
application/javascript 34.243.68.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/706877/54379466/skeleton.js
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.68.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-68-123.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fc6f08418c27602e052ae96e15c9ad16a0edad8364805dac7f8a7ed3db50558f

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 2FE5 2 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:48:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FE5 117 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 2FE5 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:47:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2FE5 0
0 15ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSRGW6H7O_SZs1SBxE2yya8NqWcEdqAhmTAVsXhLqxSYo0TPjVqkQ4Wbuhw12oMZv9PTtRbHMHtlil96Rtkyhk8XjfEw
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D63
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1

43 B
1014 B

35ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7YnZAhiDjounATAB&v=APEucNVlDE1R_4slnR4jl8iOO14TvfLDugAJA6agEryeNqw_WiI3svLpTJsh-rtfxMHLESksxipQGczzyesGoVBxYuRbNNrDVM11dbbywXeIlL73cTV1Kw2-HgMaJNOYgl7Ls66M2Gcn-zCOKJ_bFyPc3RmFE5ls-7O_Dyg4XEFdq6gVR0wsFeH5sGYv8qExXYCRBb2qC2jmS54kwbZUlXkbs9NYf4fEbw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 16 May 2021 21:49:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D63
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKGTddIp8qTd74l50AQV7AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1

43 B
1014 B

37ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7YnZAhiDjounATAB&v=APEucNVlDE1R_4slnR4jl8iOO14TvfLDugAJA6agEryeNqw_WiI3svLpTJsh-rtfxMHLESksxipQGczzyesGoVBxYuRbNNrDVM11dbbywXeIlL73cTV1Kw2-HgMaJNOYgl7Ls66M2Gcn-zCOKJ_bFyPc3RmFE5ls-7O_Dyg4XEFdq6gVR0wsFeH5sGYv8qExXYCRBb2qC2jmS54kwbZUlXkbs9NYf4fEbw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 16 May 2021 21:49:42 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGoAcgGIcSsZJYu4OWhHXDY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 5D63
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJfsagg45FFTZNrpdt9yTd8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJfsagg45FFTZNrpdt9yTd8%26google_cver%3D1

43 B
1 KB

32ms
27ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJfsagg45FFTZNrpdt9yTd8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQ7YnZAhiDjounATAB&v=APEucNVlDE1R_4slnR4jl8iOO14TvfLDugAJA6agEryeNqw_WiI3svLpTJsh-rtfxMHLESksxipQGczzyesGoVBxYuRbNNrDVM11dbbywXeIlL73cTV1Kw2-HgMaJNOYgl7Ls66M2Gcn-zCOKJ_bFyPc3RmFE5ls-7O_Dyg4XEFdq6gVR0wsFeH5sGYv8qExXYCRBb2qC2jmS54kwbZUlXkbs9NYf4fEbw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:42 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid: 8a9d985b-42d3-4bd7-a4b5-f2e096632777
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:41 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.78:80
AN-X-Request-Uuid: d915d8a5-2c9f-415a-9c54-62965f5e7067
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJfsagg45FFTZNrpdt9yTd8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5D63
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MDIyNDA4OTcwNDQ4MTMx

170 B
188 B

36ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MDIyNDA4OTcwNDQ4MTMx

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 May 2021 21:49:41 GMT
X-Proxy-Origin: 82.102.18.235; 82.102.18.235; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: 211edf2a-1391-42df-92ce-2a3d4052ecfd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MDIyNDA4OTcwNDQ4MTMx
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 2FE5 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2CWRAZftq7wtyhGi1_EfYh3sDCE1BJ_bPP0b9sIpVGRz-5sZtKMvZSh28POr9zN3bLnRB4INC-h6TjCB32IP8B5hqDQz81XaS9fJL1CujRlXCj1hiGhdhD6u3cmMt5X4u59clPeR4t0LJtZLyWiQTEpJ9LA&dbm_d=AKAmf-CL7UVmi2NiAVNwmtY7ihytRvrl7WyB2SP4nXyg741tcm2jW0c3fR4ZO3EuYifQyXnG9pEbQZdXzZRhPbC5a_kMpfpWVaj3kxhcz65qWszfHIgRrGxZmUrr_oaRFbrJ6AOXUoUYJvtES495sEMB9vyGAdeILPn5J7Kmze8hePvLadsjCQsaNFczt3sH7Xo4gpjGXnGXbsPy2gzD-V6AEw4WcrGNtabOqFCiwsIMWtl9cnPObJAK-DliBq5y9nW2w6BcVuIpT35_edqdTRWEOsBXngpQPadXqkytdbjBClfuGDv0e1TLSkMvHOWVjvGK3Di7S07DHluBKHaW_qtp2BCHZPm4jiZX__VLaq_azCuZ_ifaZJ6_gGslwraKpGosrW8FFrYXsbO5pdB64VagIAY_BUpvgnb1Wf5rpk_uySWmAEdPnTGqN0lwGXng6802C0Ii_tvmGJ7TbzVSxpbOkFiiPlU07N_fX1SJBVUwvj_mr7SegrzLqsdq-gG1s7yL-q6a0nxx0O_QHSMuuapyRnGpAeeoVMBEedkuBdJA1Igkd_LYddGDERKPdH1fbmUd5c1jkvwupFVCwTB_3HvWna2CTVYKMGgH2Ly1KB50bVJw3_FVmkEKbUXPzdfc8MB1vx4Tlq_K3jUGQDYgPQfD_JbZhz-LxExIXMaigX5V2tLoln0YbVH4X4LKFDlqo3dqO4pT7L6PrXg9vfwkthiDSgxrtiTNfs0r-EovPMLjtnfXI0OAOP-myFraMqRFlTJooukqDh-F3NwHiFI-XEw3xzcBzOV8IAg18LsY9py_Lyrz83uERbLnZnQB4R46RkEuTI_GFlltQvObCQy2gPZJFBes9OW17Ow-HhiC9kmwAM-399xEPPeW1APTWmBYs6ziEmYZS32_ghX7X2bwa3i9vCRHyr8gY-2xH-J91gPBMI56BWj0ayt5MBCs0PxRgqyZYI-p6x42iuJDx5R0pUSvKpJuTaN-YPdn9mAi7iapZuerVms_AkbldPoeEOb_9qeHIJGr0m3ESH6K8Ub0XTToWeouwoi2Oy_sahY-OOzbMypLyZyB4XYchutb604N8cJlJkGl1NV-duyCuUSzJav4aiA89XeLvfVAin2OPOlUa8YalXMFDJFKwDQ7BDISjGIrcujWsU-1fC1jaPLDjBXmf5XKR0WemkHYrbRFUDO8O0Zmzv2RLGBgqzZarg9l6SzkHvn83FrLOt_pxq7r3pCm7yji3qm25We0OuSWzkXnsZeHIM6-0cit_gZV7a3XwuisRhd7n0qTwg9lLgzV2QiUCN6Zo45PfU7BpnFemVxT-BRfv-rFWkal0aGyxDMZHB6pwZaWsIwV4JJonRKNSedrkE_gEEfqMp8d77IEaRgEq8lXXk9B8EJvZDSTqMZQOSzVpFYru5xUszj6EjwQAkno4pR34WIyhRkSvXANEivayHtVKVmzl7wftX06qy40byYJQiFNMGhtrWyKHCje1rH5liGqqW-hTGaXqICHysXoSAegj6bRqapSTyzW7avI0ZYyo20QxKq2xtKXGqXSqYK2ues7RbgHfvuCeioFarKPPJvTw4qD2RdO5gYrHLiJFKbj_69hdsWL39SPn2Gp1FLR2Yt8ePWoeAP_60wo0e2DB130Uck6Ijf0eRX2IJtXfNTdor9aNwfRN4bmCUTUCH9C91f8OHrlb_5zydCTOYIqWuT1mozEys22Zo6Qh7ljXupyjnlPXeRqL9bTbgogHZeNLpAXQ6IX8LnwADZVhpZVikILvVLuTyVWA8Uh-MlDeM1LO4LbgARC3H6EOeZKXAe8mdoqUEQU6m_EeoN2yv_ZkjucaIkxzIja26gNOssp1LlxxKNGXKDlXadhoDGfssY6LZHxOULZ5ZoVHkLzAbs7onU7yXDzdndxvGkyEz-yqnM3_x7WDx4tz1oisQaMUKPekxiYutGTuvfOtuoVNTn96dMm9CsJRM92-Jfc3CpW4fA8C1vt4zDpae_GG36Y6OpyKuOBAgRnd39t3FXKeCw-Mo8JSVBbGejvvU3DR6PA-_02-r5m3i5yFgsJ_AN8riEffBsqTFn4-sLF-3UhLigX8vcwJs0IYh5Oazvghsr6UkvaQLkJQF1BPdc-37LeE2YyiQ-JqvgkjLAa8t8ai2WQ6m-e3fsqOIAFZh4ql47f2llR9RUAVQZwmxCyisESnOezW5M0EX4XEVFiJP48Kz58pkclZGgXY0_-kPpjuNp6MnGfoL0JkPhdL63tm_Lsu5AZLDwthU8L6tdKeWf7JlA785SWHgL72591OmfGb1VGFogmDStSrdmFJ4vrKQcvMAohXCW2CBrGLK6mnFfTUvTyMAsclKRKDI1878BAo541koyETAuHLtxgHQEaWhhbya9OK2d1A2_1PCFQMXOx544wwwKBecDujjDEyuTQMezo_d1wx5lh88-5BaZ_aKfS8KPVBx3WMdgFLLLd1ydkaQDqgzxR17-Ue4rLXBnu03jXYfVYaGxLyISLlg4YBWepCimHZTbIypbLttBkI3cC-dY-1QbXpkeOE0Azn9PkiP4lL-D1QIEM1PFDW0iZmlY1xdMnGKlkFNNnNngaGeCBqbKYX4r3HS7-84XuxMT8ZNJ9yBebvWdk1WI6ewadcDCdFb0CzDQOhdMD0EZ-0LCcTR15qqoscoTwNHuyMf06mvvcwHtvAn5QI_PlhT1OEINhMIQxkWTSlor6F03SRJVA0hG7GyFWPu2n_a-ja80spVlB0cAqVVAVkX2-WPG0cXSrbaCX1REL2ztPCblaOgFtFSFfHdZW6OoilcXm7FSPc6lUSVQAb0r_l9QsRzkZFKvqyZmWcBARQP1_qKC_32BNYDMt4BAqhQ90XMuGQrysodPTK1sscRJr1f4C6DTW3m0vmbbm74z3pFU1PYeLdpc6FqjgoiUfsM81yylcFVLvAWQAy94y4phsi0hht-a3woMF2IqM4m580hCPgjZvPO6tC1R9y1p_akoPBZ4NK1b1xG-CseKech5soyTB1dDIwk6TE8lmpj7nYCcqR2RBRlbtLy14jjk0SWLZADM&cid=CAASEuRorRXHobZZJ_QWmw9DTxgqew&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 13108869059872076478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:46:51 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2FE5 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221581
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:16:40 GMT

GET
H3-29 404 mraid.js
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FE5 0
0 13ms
13ms Script
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/mraid.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
server: sffe
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1591
x-xss-protection: 0
content-type: text/html; charset=UTF-8

GET
H3-29 200 impl_v71.js Show response
www.googletagservices.com/dcm/ Frame 2FE5 37 KB
15 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v71.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 20:14:08 GMT
server: sffe
age: 281157
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
expires: Fri, 13 May 2022 15:43:44 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ECC1 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 15 May 2021 14:11:47 GMT
expires: Sun, 15 May 2022 14:11:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 113874
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js Show response
pagead2.googlesyndication.com/bg/ Frame ECC1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nLZh5JKb4_vODtvfmJ49yJer_4HAQSIF0KjuUH5BuEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 17:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 101034
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0
expires: Sun, 15 May 2022 17:45:47 GMT

GET
H2 200 B25828797.302510569;dc_ver=71.206;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=943508953;ord=kn7153;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfazQdZOhYIGNGt7Y7_UPqcIc9... Show response
ad.doubleclick.net/ddm/adj/N900445.2799004IGNITIONONEMX/ Frame 2FE5 45 KB
19 KB 59ms
59ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N900445.2799004IGNITIONONEMX/B25828797.302510569;dc_ver=71.206;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=943508953;ord=kn7153;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfazQdZOhYIGNGt7Y7_UPqcIc9cfjx2KKmc-N8w3c2R4QASDSj8YeYPuBgICICqABsOnnwQLIAQmpAs6P_jB0YLQ-qAMBqgTiAU_QLFBJZ9aTplrjWDKqEq_icixNN_Hf23wMlRlnECKknhQkb0mZsu5L0N2OphowMgyA_hXTEqtG16bIT-9PGodqrUiNHXy78WIr-FSP0u5EIl7s0ZLg_d8lJd3uJf8SBbAB6Aebdn25mYivOpOGfmqbzx5SUwf_gz6CNEyMyo19EMrXmj4QKaVzFQSdfszmTCR5a2tRPAMjhQhtTii8uRkAjtppZeWryuB5vbc-okqCXazHua78O2A8r-oITt54BprYapmZQGly8uUlZFCM2iao4b5XHa4NYhHlI9Hgmj5ZMrTABPKi2LPQA-AEA5AGAaAGTYAHuJaYvgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE62DtQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorRXHobZZJ_QWmw9DTxgqew%26sig%3DAOD64_1mHbK3afpWTQtwSdHn4aeFx1JbiA%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-BTb5czZp254eweZdYz4l_nwMgnpnXvSzUqWbDK_v1CFyCoABCI6In7vh1hYcV68eEtgtzsNkpnB2YVh4delPqdAb-eqwZarfk2C5QiyCmExWC5kdYRoqoN-ZzYZ4RhIM06TzhRkVa1r5GxKUvG3xvXjHqDLg%26dbm_d%3DAKAmf-BgLmfBh980nQZTBJE4CnBmYzXEyN5jXB5rstuG4KymgD0ZY38QG3iYm5Rvy0z_-Nd6ZOVh1ns0IpbPGIiZbqZZxJWth_qPB6wpDNuY8vsFfLSbXbkQZX35Ee2SIuWvjhfcIwlH7KQRV2HquuGICLiXNueo7G32RU6QPl-Kpq5DxIlN0Ma7VeOwNTsKWjltqqXP7IGvl-v44Iem9jlDv8XWpnL6iM1x_DTRq-UFHAYgnGRKD8mxVec8Wa9LuxwBysH06hkHOsuRil9_lrAFWBzk7GOcK6BWP2XcyC_8qi5ZQcdMPwYzD4ZcScOs0ESnH8fNM7qvDrikIE22MPoyMI0Zr_w88CZag23py1WPzu2Ol-D3AP9oWOBkrkgHp4YLdxKy_nVPgz8C_51vnX5YHGfditEWhKGA3_djMmpA_GrjTqW5PTqkXaLmTQc_01qnlyVgTKWRgzEiG2p6s_UX937uRZvOnA%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.gazetadopovo.com.br%2F$0;xdt=1;crlt=Jizo)CWBu2;osda=2;sttr=33;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

c110089cdef8b21a42882056e0fee5c7a902ab54ae54fdbb1ca022fb6cf896da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
116 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=1872034572&gjid=59379077&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&_r=1&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Prefeito%20de%20Santos%20decreta%20luto%20de%20tr%C3%AAs%20dias%20pela%20morte%20de%20Bruno%20Covas&il1pi1id=1d9afd40-b68e-11eb-ac80-eb58807c1c85&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=1&z=230625600

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Bolsonaro%20presta%20solidariedade%20%C3%A0%20fam%C3%ADlia%20de%20Bruno%20Covas&il1pi1id=e0bfc500-b682-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=2&z=1857832089

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Atriz%20Eva%20Wilma%20morre%20aos%2087%20anos&il1pi1id=2817d250-b654-11eb-9711-55f013ecc167&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=cultura&il1pi1ps=3&z=856200730

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Caixa%20paga%20segunda%20parcela%20do%20aux%C3%ADlio%20emergencial%20para%20nascidos%20em%20janeiro&il1pi1id=c073ca10-b643-11eb-ae64-61796228bba6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=4&z=1764475462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Para%20garantir%20palanque%20a%20Lula%2C%20PT%20abre%20m%C3%A3o%20de%20candidaturas%20nos%20estados&il1pi1id=fb8c2660-b67f-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=2022&il1pi1ca=republica&il1pi1ps=5&z=2145730740

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
12ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Bolsonaro%20diz%20que%2C%20sem%20voto%20impresso%2C%20fraude%20levar%C3%A1%20Lula%20%C3%A0%20Presid%C3%AAncia&il1pi1id=caaffb00-b5b9-11eb-9c64-299ebb0272ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=6&z=22753789

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
12ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Prefeito%20de%20S%C3%A3o%20Paulo%2C%20Bruno%20Covas%20morre%20de%20c%C3%A2ncer%206%20meses%20ap%C3%B3s%20ser%20reeleito&il1pi1id=82bafab0-b646-11eb-9e77-a51b60cdde5f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=7&z=1461666163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Veja%20a%20repercuss%C3%A3o%20da%20morte%20do%20prefeito%20Bruno%20Covas%20entre%20pol%C3%ADticos&il1pi1id=58fac770-b649-11eb-ae64-61796228bba6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=8&z=966421556

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Bolsonaro%20presta%20solidariedade%20%C3%A0%20fam%C3%ADlia%20de%20Bruno%20Covas&il1pi1id=e0bfc500-b682-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=9&z=1488991340

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=A%20morte%20de%20Bruno%20Covas%20e%20o%20%C3%B3dio%20pol%C3%ADtico&il1pi1id=a7cc0880-b669-11eb-9df5-1189978eb9e8&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=diogo-schelp&il1pi1ps=10&z=696292135

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
14ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Quem%20%C3%A9%20Ricardo%20Nunes%2C%20vice%20de%20Bruno%20Covas%20que%20vai%20assumir%20Prefeitura%20de%20S%C3%A3o%20Paulo&il1pi1id=35fd0fd0-b653-11eb-9711-55f013ecc167&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=11&z=1749025317

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Diretriz%20para%20uso%20de%20m%C3%A1scaras%20nos%20EUA%20causa%20confus%C3%A3o%20e%20autoridades%20reagem&il1pi1id=111c3f80-b68d-11eb-ba23-090df87586fb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=12&z=783191424

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Carta%20%C3%A0%20Science%20quebra%20%E2%80%9Cmorda%C3%A7a%E2%80%9D%20da%20narrativa%20sobre%20a%20origem%20da%20Covid&il1pi1id=9e65fee0-b5d8-11eb-9ae7-81ff5f94a672&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=mundo&il1pi1ps=13&z=1870246808

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
10ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Dia%20mais%20violento%20desde%20o%20in%C3%ADcio%20do%20conflito%20recente%20deixa%2033%20mortos%20em%20Gaza&il1pi1id=12546d00-b66f-11eb-aead-f51e255a0241&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=14&z=228074877

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
10ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Educa%C3%A7%C3%A3o%205.0%3A%20estamos%20prontos%20para%20essa%20nova%20realidade%3F&il1pi1id=857b2500-b339-11eb-bfd4-c3fbc3071af1&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=beetools&il1pi1ps=15&z=1239355917

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Thais%20Possati%20de%20Souza&il1pi1id=0f57f1d0-b4ee-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=guilherme-fiuza&il1pi1ps=16&z=228568759

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Bispos%20da%20Igreja%20Universal%20expulsos%20de%20Angola%3A%20um%20caso%20para%20o%20Brasil%2C%20Europa%20e%20o%20mundo%20se%20pronunciarem&il1pi1id=8a5b9410-b50a-11eb-be78-3fc0ebe96b48&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=cronicas-de-um-estado-laico&il1pi1ps=17&z=575785202

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20%E2%80%9Capocalipse%20de%20palha%E2%80%9D%20e%20a%20religi%C3%A3o%20do%20bolsonarismo%20para%20Yago%20Martins&il1pi1id=d9532c30-b506-11eb-be78-3fc0ebe96b48&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=guilherme-de-carvalho&il1pi1ps=18&z=1829454258

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
9ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20inebriante%20populismo%20vacinal&il1pi1id=8891f240-b4f7-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=leonardo-coutinho&il1pi1ps=19&z=1612569302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
9ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Um%20retrato%20devastador%20da%20pol%C3%ADtica%20do%20filho%20%C3%BAnico%20na%20China&il1pi1id=618ee520-b5a8-11eb-ac0d-af39e211c5a9&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=luciano-trigo&il1pi1ps=20&z=440396454

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
9ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20livro%20roubado.%20Ou%3A%20tomara%20que%20o%20Bira%20n%C3%A3o%20leia%20esta%20cr%C3%B4nica&il1pi1id=3f0a8390-b33e-11eb-8284-272359f31f7c&il1pi1pr=0.00&il1pi1br=pino&il1pi1ca=jose-carlos-fernandes&il1pi1ps=21&z=848048391

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=O%20%E2%80%9CPL%20da%20maconha%E2%80%9D%20e%20as%20prioridades%20tortas%20da%20C%C3%A2mara&il1pi1id=960eae20-b4ef-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=22&z=653670831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Por%20que%20os%20dist%C3%BArbios%20internos%20entre%20%C3%A1rabes%20e%20judeus%20s%C3%A3o%20a%20maior%20amea%C3%A7a%20a%20Israel&il1pi1id=7192a5d0-b4f7-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=23&z=745660142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=%E2%80%9CGuerra%20a%20crimes%20sexuais%20contra%20crian%C3%A7as%20%C3%A9%20cada%20vez%20mais%20tecnol%C3%B3gica%E2%80%9D%2C%20diz%20especialista%20em%20cibercrimes&il1pi1id=808e2860-b4c1-11eb-a9ed-898d61679f0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=24&z=504218226

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=25&z=885625667

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Acidente%20em%20sinagoga%20deixa%202%20pessoas%20mortas%2C%20incluindo%20menino%20de%2012%20anos%2C%20na%20Cisjord%C3%A2nia&il1pi1id=cf74a030-b683-11eb-81cd-17bb173e0889&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=26&z=1263161272

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%E2%80%9CLava%20Jato%20deu%20esperan%C3%A7a%20de%20que%20o%20Brasil%20tem%20jeito%20e%20deve%20resistir%E2%80%9D%2C%20diz%20presidente%20da%20Frente%20Contra%20Corrup%C3%A7%C3%A3o&il1pi1id=ca8eff50-b5d6-11eb-8e38-ed45966ef44a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=27&z=2118536920

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Mises%20e%20o%20congelamento%20dos%20alugu%C3%A9is%3A%C2%A0As%20li%C3%A7%C3%B5es%20que%20a%20Am%C3%A9rica%20Latina%20teima%20em%20n%C3%A3o%20aprender&il1pi1id=243fd9b0-b51f-11eb-a288-35b857ad0acb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=artigos&il1pi1ps=28&z=1666130851

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Novo%20indexador%20para%20alugu%C3%A9is%2C%20uma%20proposta%20coerente&il1pi1id=e0b855d0-b520-11eb-b627-4b8b42c02280&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=artigos&il1pi1ps=29&z=682740319

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Una-se%20ao%20movimento%20anticorrup%C3%A7%C3%A3o%20e%20n%C3%A3o%20deixe%20essa%20bandeira%20ser%20esquecida&il1pi1id=cea109ba-e58b-48c0-8b80-4197022161c2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=30&z=1954472617

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=N%C3%BAmeros%20da%20Covid-19%3A%20acompanhe%20o%20avan%C3%A7o%20da%20doen%C3%A7a%20no%20Brasil%20e%20no%20mundo&il1pi1id=b92fa6f1-e32b-4096-be30-99217fe7a2f2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=31&z=791939166

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
17ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Domingo%20tem%20mais%205.083%20casos%20e%2073%20mortes%20registradas%20por%20Covid-19%20no%20PR&il1pi1id=ed650fd0-b67e-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=parana&il1pi1ps=32&z=317960678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Paulo%20Affonso%20Gr%C3%B6tzner%3A%20deixou%20como%20heran%C3%A7a%20rel%C3%ADquias%20da%20hist%C3%B3ria%20de%20Curitiba&il1pi1id=415aee30-b4e9-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=33&z=1926103924

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Pol%C3%ADcia%20identifica%20e%20faz%20buscas%20por%20%E2%80%9Cserial%20killer%E2%80%9D%20de%20homossexuais%20no%20PR%20e%20em%20SC&il1pi1id=17ec0290-b689-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=parana&il1pi1ps=34&z=1103739932

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=O%20telhado%20cultural%20de%20Curitiba&il1pi1id=5fe4ae30-b350-11eb-9e49-ed09bdae7c6a&il1pi1pr=0.00&il1pi1br=pino&il1pi1ca=dante-mendonca&il1pi1ps=35&z=487213991

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Maior%20evento%20de%20cultura%20pop%20do%20Paran%C3%A1%2C%20Shinobis%20inspira%20novo%20pub%20em%20Curitiba&il1pi1id=5a8b8680-b40d-11eb-bb30-f79f95941ede&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=restaurantes&il1pi1ps=36&z=1497977669

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%E2%80%9CTemos%20que%20seguir%20trabalhando%E2%80%9D%2C%20resume%20Mor%C3%ADnigo%20ap%C3%B3s%20elimina%C3%A7%C3%A3o%20do%20Coritiba&il1pi1id=1e7f7a60-b64d-11eb-ae64-61796228bba6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=37&z=472363247

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Coritiba%20foi%20um%20desastre.%20Est%C3%A1%20fora%20e%20machuca%20o%20seu%20torcedor&il1pi1id=388f7eb0-b64c-11eb-9e77-a51b60cdde5f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=38&z=1719316970

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Follador%20e%20o%20perigoso%20costume%20da%20derrota%20no%20Coritiba&il1pi1id=a79f60c0-b649-11eb-ae64-61796228bba6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=39&z=217850571

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Lazaroni%20admite%20oscila%C3%A7%C3%A3o%20no%20estadual%20e%20projeta%20mata-mata%3A%20%E2%80%9CEquil%C3%ADbrio%20e%20estrat%C3%A9gia%E2%80%9D&il1pi1id=f463a480-b64d-11eb-ae64-61796228bba6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=40&z=1684634987

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Maur%C3%ADlio%20projeta%20Paran%C3%A1%20e%20Athletico%20e%20cobra%20FPF%20por%20jogo%20na%20quarta-feira%3A%20%E2%80%9CEspero%20que%20n%C3%A3o%20mude%E2%80%9D&il1pi1id=4c86bfb0-b5a6-11eb-ac0d-af39e211c5a9&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=41&z=1279363889

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=No%20Twitter%2C%20Paran%C3%A1%20provoca%20o%20Coritiba%20por%20desclassifica%C3%A7%C3%A3o%20no%20Paranaense&il1pi1id=cf40baa0-b5a1-11eb-b94e-f796f3d13427&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=42&z=1271010990

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=FPF%20muda%20data%20de%20jogo%20de%20volta%20de%20Athletico%20e%20Paran%C3%A1%20na%20Arena&il1pi1id=8c327cd0-b650-11eb-9711-55f013ecc167&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=43&z=13475791

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Luiza%20Trajano%20abre%20maratona%20de%20inova%C3%A7%C3%A3o%20%E2%80%9CSocial%20Hackacom%E2%80%9D&il1pi1id=ccccfdc0-b4ec-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=gazz-conecta&il1pi1ps=44&z=970815387

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Fraudes%20milion%C3%A1rias&il1pi1id=3442d490-b351-11eb-9e49-ed09bdae7c6a&il1pi1pr=0.00&il1pi1br=pino&il1pi1ca=notas-baquicas&il1pi1ps=45&z=1710399031

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Chile%20realiza%20segundo%20dia%20de%20elei%C3%A7%C3%B5es%20para%20Assembleia%20Constituinte&il1pi1id=18a419e0-b687-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=46&z=314513180

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
19ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Nosso%20luto%20seletivo&il1pi1id=497530d0-b520-11eb-b627-4b8b42c02280&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=artigos&il1pi1ps=47&z=264935203

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
20ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Atriz%20Eva%20Wilma%20morre%20aos%2087%20anos&il1pi1id=2817d250-b654-11eb-9711-55f013ecc167&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=cultura&il1pi1ps=48&z=1308454723

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
20ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=O%20Papo%20%C3%89%20%2326%3A%20CPI%20da%20Covid%2C%20um%20palanque%20para%202022&il1pi1id=267908f0-b5b0-11eb-9c64-299ebb0272ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=49&z=1499835585

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
20ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Cl%C3%A1ssico%20%E2%80%9CNada%20%C3%A9%20Para%20Sempre%E2%80%9D%20oferece%20oportunidade%20de%20contempla%C3%A7%C3%A3o&il1pi1id=719b2560-a829-11ea-8690-b7488a9f0453&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=50&z=761912095

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
21ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Que%20fim%20levou%20Jos%C3%A9%20Geraldo%20Vieira%3F&il1pi1id=f9b9d020-b4fa-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=51&z=320481905

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
21ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=N%C3%A3o%20existe%20a%20menor%20possibilidade%20de%20um%20corrupto%20ser%20feliz&il1pi1id=48ad61b0-b4d8-11eb-893d-bfc914b5ec37&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=polzonoff&il1pi1ps=52&z=1254986867

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
21ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Elas%20trocaram%20festa%20de%20formatura%20por%20trabalho%20volunt%C3%A1rio%20e%20hoje%20auxiliam%2070%20mil%20pessoas&il1pi1id=175cbce0-b673-11eb-aead-f51e255a0241&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=virtudes-e-valores&il1pi1ps=53&z=2025891593

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
22ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Uma%20inf%C3%A2ncia%20cercada%20de%20carinho%20%C3%A9%20a%20chave%20para%20um%20casamento%20duradouro&il1pi1id=59c6a22ab0ea4339f8a054ba7d51caed&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=casamento-e-compromisso&il1pi1ps=54&z=1716984670

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
22ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Filhos%20de%20pais%20al%C3%A9rgicos%20ter%C3%A3o%20alergia%3F%20Veja%20mitos%20e%20verdades%20sobre%20o%20tema&il1pi1id=dfb53910-b5a1-11eb-925f-352833ccc7ea&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=55&z=1712535596

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
22ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=A%20geleia%20de%20laranja%20mais%20f%C3%A1cil%20do%20mundo%20que%20voc%C3%AA%20pode%20fazer&il1pi1id=2b87e450-b34a-11eb-abee-03f5385d5ff5&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vosso-blog-de-comida&il1pi1ps=56&z=1017728091

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
22ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=N%C3%A3o%20%C3%A9%20s%C3%B3%20o%20a%C3%A7%C3%BAcar!%20Conhe%C3%A7a%20mais%20alimentos%20que%20aumentam%20a%20ansiedade&il1pi1id=95da72d0-b4af-11eb-b7d5-37c03f3b7778&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=57&z=1266155412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
22ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20inspira%C3%A7%C3%A3o%20italiana%20e%20os%20recados%20da%20Justi%C3%A7a%20e%20dos%20pol%C3%ADticos&il1pi1id=42b9bb30-b7b6-11e9-96d3-6195e13c2fd4&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=58&z=214572437

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
22ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Era%20das%20Trevas%3F%20A%20verdadeira%20hist%C3%B3ria%20da%20iluminada%20Idade%20M%C3%A9dia&il1pi1id=6e8ae520-b428-11eb-875b-7746cbd8ec2f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=59&z=1809309539

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
23ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20o%20%E2%80%9Ccontra-ataque%E2%80%9D&il1pi1id=7f93bc80-b3f5-11eb-bfa9-6d75d86756d2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=60&z=1466316334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
23ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=%E2%80%9CO%20Tigre%20Branco%E2%80%9D%20mostra%20a%20ascens%C3%A3o%20financeira%20num%20mundo%20sem%20moral&il1pi1id=b0a61680-b420-11eb-84fb-6f574c5dc335&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=61&z=610248555

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
23ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20os%20conflitos%20entre%20Lula%20e%20a%20Opera%C3%A7%C3%A3o&il1pi1id=32608ea0-b262-11eb-9664-8bedfda48389&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=62&z=702041054

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
23ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=O%20que%20falta%20para%20o%20Brasil%20produzir%20insumos%20da%20vacina%20contra%20Covid-19%3F%20Entenda%20em%201%20Minuto&il1pi1id=6597b8c0-b41f-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=saude&il1pi1ca=republica&il1pi1ps=63&z=1648901424

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
23ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Defesa%20da%20vida%3A%20jovens%20se%20unem%20para%20denunciar%20a%20cultura%20do%20aborto%20e%20salvar%20beb%C3%AAs&il1pi1id=731cc630-b360-11eb-a21b-751ed1246604&il1pi1pr=0.00&il1pi1br=vida-e-cidadania&il1pi1ca=cristina-graeml&il1pi1ps=64&z=795831726

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
23ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Por%20dentro%20das%20pesquisas%3A%20Lula%20x%20Bolsonaro%20e%20um%20pa%C3%ADs%20dividido&il1pi1id=a40845a0-b33b-11eb-8284-272359f31f7c&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-borges&il1pi1ps=65&z=1750150092

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=O%20que%20explica%20a%20briga%20interna%20no%20Mercosul.%20Assista%20a%20Entenda%20em%201%20Minuto&il1pi1id=4d353180-b31c-11eb-b2f2-a9b0dc1a9d89&il1pi1pr=0.00&il1pi1br=mundo&il1pi1ca=republica&il1pi1ps=66&z=1865866243

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Carta%20%C3%A0%20Science%20quebra%20%E2%80%9Cmorda%C3%A7a%E2%80%9D%20da%20narrativa%20sobre%20a%20origem%20da%20Covid&il1pi1id=9e65fee0-b5d8-11eb-9ae7-81ff5f94a672&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=mundo&il1pi1ps=67&z=896093823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Para%20garantir%20palanque%20a%20Lula%2C%20PT%20abre%20m%C3%A3o%20de%20candidaturas%20nos%20estados&il1pi1id=fb8c2660-b67f-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=2022&il1pi1ca=republica&il1pi1ps=68&z=1974711600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=A%20morte%20de%20Bruno%20Covas%20e%20o%20%C3%B3dio%20pol%C3%ADtico&il1pi1id=a7cc0880-b669-11eb-9df5-1189978eb9e8&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=diogo-schelp&il1pi1ps=69&z=1070678083

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Quem%20%C3%A9%20Ricardo%20Nunes%2C%20vice%20de%20Bruno%20Covas%20que%20vai%20assumir%20Prefeitura%20de%20S%C3%A3o%20Paulo&il1pi1id=35fd0fd0-b653-11eb-9711-55f013ecc167&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=70&z=1645478060

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Prefeito%20de%20S%C3%A3o%20Paulo%2C%20Bruno%20Covas%20morre%20de%20c%C3%A2ncer%206%20meses%20ap%C3%B3s%20ser%20reeleito&il1pi1id=82bafab0-b646-11eb-9e77-a51b60cdde5f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=71&z=1769996819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Como%20a%20pandemia%20afetou%20a%20estrat%C3%A9gia%20das%20empresas%2C%20e%20que%20li%C3%A7%C3%B5es%20ela%20deixou&il1pi1id=3c7b7210-b5a0-11eb-b94e-f796f3d13427&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=72&z=1199359542

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=PSD%20se%20afasta%20de%20Bolsonaro%2C%20afaga%20Lula%20e%20mira%20governos%20de%20SP%2C%20MG%20e%20RJ%20em%202022&il1pi1id=68629ee0-b4eb-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=73&z=481114840

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=74&z=866687107

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Texto%20%C3%BAnico%20ou%20fatiado%3A%20quais%20os%20rumos%20da%20reforma%20tribut%C3%A1ria%20no%20Congresso&il1pi1id=608c6990-b445-11eb-996a-57f8a776742d&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=75&z=914701580

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 18ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=1872034572&gjid=59379077&_gid=581254656.1621201782&_u=6GjAAEALQAAAAC~&z=1002314927

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 May 2021 21:49:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 2FE5 111 KB
38 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 20:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4859
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 May 2021 20:28:43 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame 2FE5 8 KB
3 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N900445.2799004IGNITIONONEMX/B25828797.302510569;dc_ver=71.206;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=943508953;ord=kn7153;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfazQdZOhYIGNGt7Y7_UPqcIc9cfjx2KKmc-N8w3c2R4QASDSj8YeYPuBgICICqABsOnnwQLIAQmpAs6P_jB0YLQ-qAMBqgTiAU_QLFBJZ9aTplrjWDKqEq_icixNN_Hf23wMlRlnECKknhQkb0mZsu5L0N2OphowMgyA_hXTEqtG16bIT-9PGodqrUiNHXy78WIr-FSP0u5EIl7s0ZLg_d8lJd3uJf8SBbAB6Aebdn25mYivOpOGfmqbzx5SUwf_gz6CNEyMyo19EMrXmj4QKaVzFQSdfszmTCR5a2tRPAMjhQhtTii8uRkAjtppZeWryuB5vbc-okqCXazHua78O2A8r-oITt54BprYapmZQGly8uUlZFCM2iao4b5XHa4NYhHlI9Hgmj5ZMrTABPKi2LPQA-AEA5AGAaAGTYAHuJaYvgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE62DtQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorRXHobZZJ_QWmw9DTxgqew%26sig%3DAOD64_1mHbK3afpWTQtwSdHn4aeFx1JbiA%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-BTb5czZp254eweZdYz4l_nwMgnpnXvSzUqWbDK_v1CFyCoABCI6In7vh1hYcV68eEtgtzsNkpnB2YVh4delPqdAb-eqwZarfk2C5QiyCmExWC5kdYRoqoN-ZzYZ4RhIM06TzhRkVa1r5GxKUvG3xvXjHqDLg%26dbm_d%3DAKAmf-BgLmfBh980nQZTBJE4CnBmYzXEyN5jXB5rstuG4KymgD0ZY38QG3iYm5Rvy0z_-Nd6ZOVh1ns0IpbPGIiZbqZZxJWth_qPB6wpDNuY8vsFfLSbXbkQZX35Ee2SIuWvjhfcIwlH7KQRV2HquuGICLiXNueo7G32RU6QPl-Kpq5DxIlN0Ma7VeOwNTsKWjltqqXP7IGvl-v44Iem9jlDv8XWpnL6iM1x_DTRq-UFHAYgnGRKD8mxVec8Wa9LuxwBysH06hkHOsuRil9_lrAFWBzk7GOcK6BWP2XcyC_8qi5ZQcdMPwYzD4ZcScOs0ESnH8fNM7qvDrikIE22MPoyMI0Zr_w88CZag23py1WPzu2Ol-D3AP9oWOBkrkgHp4YLdxKy_nVPgz8C_51vnX5YHGfditEWhKGA3_djMmpA_GrjTqW5PTqkXaLmTQc_01qnlyVgTKWRgzEiG2p6s_UX937uRZvOnA%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.gazetadopovo.com.br%2F$0;xdt=1;crlt=Jizo)CWBu2;osda=2;sttr=33;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:47:50 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2FE5 41 KB
15 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221582
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:16:40 GMT

GET
H3-29 404 mraid.js
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FE5 0
0 16ms
13ms Script
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/mraid.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
x-content-type-options: nosniff
server: sffe
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1591
x-xss-protection: 0
content-type: text/html; charset=UTF-8

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=1872034572&_u=6GjAAEALQAAAAC~&z=828817938

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=2019157809.1621201778&jid=1872034572&_u=6GjAAEALQAAAAC~&z=828817938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.198.js Show response
static.adsafeprotected.com/ Frame 2FE5 182 KB
58 KB 147ms
65ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/706877/54379466/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 15:54:21 GMT
server: nginx/1.16.1
etag: W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 32C5 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 16 May 2021 03:14:09 GMT
expires: Mon, 17 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 66933
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2FE5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17683bcd2cca80076f7b8297e67f76fff0e40188479310e58523ff63ee171586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0FF5 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 15 May 2021 14:11:47 GMT
expires: Sun, 15 May 2022 14:11:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 113875
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ugoc365q9.js Show response
cdn.krxd.net/controltag/ Frame 2FE5 69 KB
11 KB 75ms
23ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/ugoc365q9.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7a55d1bed6b3ef1db79ff0d7a6bb932099599a97cca2e4d2ceb069b7a908c637

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 16 May 2021 21:49:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 338
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 10788
x-served-by: config-service-a004-ash-prod.krxd.net, cache-bwi5128-BWI, cache-hhn4058-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1621201782.384810,VS0,VE0
etag: "d4bdf10bd2d5496fa5e5684592697811bd8a6324"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 3

GET
H3-29 200 728x90.html Show response
s0.2mdn.net/8573542/1619711236227/ Frame 37B4 6 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8573542/1619711236227/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54a68f492921d1cfe7f8453d7b83502bebf6b4a27b9cdf4e7f5a51ad608db6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8573542/1619711236227/728x90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2307
date: Sun, 16 May 2021 12:38:25 GMT
expires: Mon, 17 May 2021 12:38:25 GMT
last-modified: Thu, 29 Apr 2021 15:47:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 33077
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2FE5 0
60 B 58ms
58ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssILrToY-kIDV-zm0tx63E32nGxNbitjCcPdhp7HPXwdaThDmmBHyxrtUkjpPCKEWSlmzxwpVS9SuQjneTcG1bO7WfXgXiZwWxazeMbq1qOASnaxDOBw3xWm8K9mVn-xmfGrq5hXNqrMrVkhsEFVpYSWSM&sig=Cg0ArKJSzMERtcOLjgbHEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=83&cbvp=1&cstd=82&cisv=r20210511.10763&adurl=

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET /
google2waycm.netmng.com/cm/ Frame 32C5 0
0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 32C5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOvN75PKOG8vQqByvlWnYho&google_cver=1&google_push=AQvitUKqn2c5UkZB5zXjXhWcyAeU9aVpytrdeAQguegXJ2F7wA7JNrbvZg15w_6Zl9NsNBjN0rSH_O0Sp2eZL2RIaFjSo8GwWbAy
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4ODgxNTgyNDAzNDI0OTk3Ng==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBrFwVVrsuk2tvgLRjmT9r0&google_cver=1

43 B
407 B

39ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBrFwVVrsuk2tvgLRjmT9r0&google_cver=1
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEBrFwVVrsuk2tvgLRjmT9r0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 32C5 0
104 B 91ms
61ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKkWJ81TxYdVqOlYMRAor6c&google_cver=1&google_push=AQvitUJWMGCLcphU47Nr3V6-G2uXGezC7WJBolxPAupKEwT1pczenNAoAQKvMHyuivMaMDlM8_de2TQsO7VYCAqo4hK5gIpDatkl0w
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 32C5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcXbY_bhBVOPkqUQoiKg8E&google_push=AQvitULGihfDN4l46rETJ89NYrKxa6EtCo1QxVIVxkGPFB4uiiqrbh6Zlo...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcXbY_bhBVOPkqUQoiKg8E&google_push=AQvitULGihfDN4l46rETJ89NYrKxa6EtCo1QxVIVxkGPFB4uiiqrbh6ZloDJYojp2w3g-CkIsQ-Q7T9eBfGgRV7JUkBqPdkeWafe

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1621201782.449163,VS0,VE93
x-served-by: cache-hhn4022-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcXbY_bhBVOPkqUQoiKg8E&google_push=AQvitULGihfDN4l46rETJ89NYrKxa6EtCo1QxVIVxkGPFB4uiiqrbh6ZloDJYojp2w3g-CkIsQ-Q7T9eBfGgRV7JUkBqPdkeWafe
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 32C5 35 B
134 B 140ms
45ms Image
image/gif 213.155.156.183
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESECL-YzMd0uwZaZC2cYTf0NQ&google_cver=1&google_push=AQvitUKE6LzyH16JzEkv2JPcZaVIHOBTU-Kbm0THTTHe9nn_AKQaPnSi_ptj7Z5FRi9SgpW3_qVtfod2HJKllq3Hv0OgYrSs5aXl
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS: 213-155-156-183.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 32C5
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECjGyppq4gmyj9bGsYY-Atg&google_cver=1&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb
https://rtb.openx.net/sync/dds?google_gid=CAESECjGyppq4gmyj9bGsYY-Atg&google_cver=1&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb&google_hm=7wbiRRH5yhIT-5A0vgs7FQ==

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb&google_hm=7wbiRRH5yhIT-5A0vgs7FQ==

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:41 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKYFBr57KyiVRNjp9jIcs3ACFSbVsfzagsFCzGdqnEHW0RK9r_HKyxIYkFAzRyAe2gWI1RMNFXl-NDCG1WZfYBT_DDW3hnb&google_hm=7wbiRRH5yhIT-5A0vgs7FQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: k8p815o8f8h1c0d3sfee4fdl4r8g6m5b

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 32C5
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEG2XjgT_Koq1di-UuPN4PyM&google_cver=1&google_push=AQvitUIEHsoPL53CPy5LySz94gazbhgpahuB0b9u7iryT8jwuMxifEATgzJUJzXV-7Af7uRCZc0kmk...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIEHsoPL53CPy5LySz94gazbhgpahuB0b9u7iryT8jwuMxifEATgzJUJzXV-7Af7uRCZc0kmk-EDewCBvwsVY4yvm5527VggA&google_hm=MzY3MDM3...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIEHsoPL53CPy5LySz94gazbhgpahuB0b9u7iryT8jwuMxifEATgzJUJzXV-7Af7uRCZc0kmk-EDewCBvwsVY4yvm5527VggA&google_hm=MzY3MDM3OTExMTc1MjYxMzE4Mw%3D%3D

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUIEHsoPL53CPy5LySz94gazbhgpahuB0b9u7iryT8jwuMxifEATgzJUJzXV-7Af7uRCZc0kmk-EDewCBvwsVY4yvm5527VggA&google_hm=MzY3MDM3OTExMTc1MjYxMzE4Mw%3D%3D
date: Sun, 16 May 2021 21:49:41 GMT
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 32C5 0
12 B 34ms
31ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbrEEtW-F-kDG8vARU_61r-s-X8MPowU8JMflVuSWQx9wqkEoSXhfH0MOtTfr5c1akUJlr

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 37B4 236 KB
63 KB 36ms
16ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/8573542/1619711236227/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sun, 16 May 2021 22:04:42 GMT

GET
H3-29 200 728x90.js Show response
s0.2mdn.net/8573542/1619711236227/ Frame 37B4 72 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8573542/1619711236227/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8573542/1619711236227/728x90.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed8812944aa8ba9f40a5ceaf319b0a1f65a173eb9914de31bb352e1812b77945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8573542/1619711236227/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30239
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14821
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 15:47:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 17 May 2021 13:25:43 GMT

GET
H3-29 200 DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FF5 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 03:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 65993
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Mon, 16 May 2022 03:29:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECC1 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjdi-dZOhYMG9MILC7_UP1PCY2AgAAAAAOAHgBAI&bg=!s7ClsPTNAAY59bwoOfU7ACkAdvg8Wt6K9wI3lUPAEQDj2P5RDp6SgvVxJzPkujhzPyaklUjokwj3wAIAAAHyUgAAAA1oAQeZApRAYyLdZEWz9a1Pgs6yGqCszSglbX8FmCuZzuQbFx9rr6AExQPWCI_21DOPfluYkYqpigcafMhhx7y75NNtvy58QVOHYAwXtlDRENTaZw3eWp7WJAVGJo9-jW3MOcUPqqCymcCGsxcShoR9vmExrc6gqAgaMDRr0D5LiLFvBRjFw9g2KmY7Dp4ggpZQR-QcbamI2KrBwy_HWyAsdgiuV5AZSHDdWJEH65O-AhDvzSD_WhIIWr61wWa2yuR89LuN4umo3ZS3DJQtBGga3-pLg4Jj72AEyfrTGEvTqClad4wf1_eo1_r_h8kS7UuRThh9H2uRJhTlCICPE6NykxjO2ZX17ykQNqQid4vNTklRDOSn_Pepd4yTZ9kmn0mt46g8nvWPU_oj9aaAOO2uNzybiZIto17fB2yZXKM0J6LcHXYBqkP1_dIkfyVMuR4dw5fmak1sT0kI2131U5KfmBRNODMD8D4WYaae_Hv7KJNKxgVmVHAz2h6gWLLEOm5gNYFak96FWWmdVBtMNv3YiDGp9ODYdLxrXE4D9KDjStpeil6VaM9i5quWCDFmyQnArEP8XKmbmlzEGf2Ewd7vHiqkerfpFdC5k_yHCA2e1a6sV2RkZwjA5pOWERYNxRo81u1cNpTwbMufyS-CtFV0N_ptKiDBqhnYYKJi9MOzKyBBC794PL4UNCWCwMC43HewHzFt6xb6E8ephfqe2hkAFck44D5LRFV6PCb9S5yvO9q5lZW86-Lb6_6G0JA7jTOQqcKKIvuJ7g6N5j4abfa9cyhcDRjlMNfzaTBjGdiV0k4TSBn6G-f111Ok3WKakZiR84aGeuPbjo-xSO7fGMID6IGpPt8BYol-N9T0rmtBAZRet4iMty9kjvw

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame 2FE5 259 KB
83 KB 24ms
24ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/ugoc365q9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
age: 1532845
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1249827
content-length: 84451
x-served-by: cache-hhn4058-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1621201782.429541,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H3-29 200 image01.jpg
s0.2mdn.net/8573542/1619711236227/ Frame 37B4 38 KB
38 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8573542/1619711236227/image01.jpg

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43671f156b8198fa4c99e10f14c61c26cf0689b96b4c1619ffe714012148c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8573542/1619711236227/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:25:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 15:47:16 GMT
server: sffe
age: 30239
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38885
x-xss-protection: 0
expires: Mon, 17 May 2021 13:25:43 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2FE5 0
23 B 59ms
59ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 image02.jpg
s0.2mdn.net/8573542/1619711236227/ Frame 37B4 24 KB
24 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8573542/1619711236227/image02.jpg

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8003de49ad6d72dbd6f6ec582e7de44946d990e18f763a8601089c901d0c0d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8573542/1619711236227/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:25:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 15:47:16 GMT
server: sffe
age: 30238
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24571
x-xss-protection: 0
expires: Mon, 17 May 2021 13:25:44 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 2FE5
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/706877/54379466/skeleton.js?adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9e964e6c53f0a53421cff3c505e22316.safe...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

39ms
39ms

Script
application/javascript

54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 4510546
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 2226 82 KB
21 KB 44ms
44ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 336128
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 image03.jpg
s0.2mdn.net/8573542/1619711236227/ Frame 37B4 18 KB
18 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8573542/1619711236227/image03.jpg

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00f5043ee153fd075a23d1bb83ac0790167dee2be0ce7677a265f3bd1fdb7813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8573542/1619711236227/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 13:25:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 15:47:16 GMT
server: sffe
age: 30238
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18431
x-xss-protection: 0
expires: Mon, 17 May 2021 13:25:44 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 2FE5 0
337 B 101ms
32ms Image
text/plain 34.255.31.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=25828797&advertiserid=8573542&placementid=302510569&adid=495011396&creativeid=150128002&siteid=5223354&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=44f6f1a3-1654-4125-9433-56846fa756e8&confid=ugoc365q9
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.31.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-31-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1621201782
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29 200 container.html Show response
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C6C4 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js?31061140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 16 May 2021 21:49:40 GMT
expires: Mon, 16 May 2022 21:49:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D8AB 334 KB
115 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117163
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2FE5 43 B
216 B 295ms
95ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=706877&asId=e32cd4bc-89d9-e6ce-7eb4-3dad6a76cc4c&tv=%7Bc:cOVMG1,pingTime:-2,time:316,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:15,bdZ:139,beA:512,beZ:513,mfA:728,cmA:729,inA:729,inZ:732,prA:732,prZ:736,si:742,poA:743,poZ:751,cmZ:751,mfZ:751,loA:789,loZ:791,ltA:828,ltZ:828%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:229%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:316,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:229,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B98~1%5D,as:%5B98~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sxC5sDf+11%7C12%7C131%7C14%7C15%7C16%7C171%7C172%7C173%7C174%7C175%7C18%7C19%7C1a%7C1b*.706877-54379466%7C1b1%7C1b2%7C1b3%7C1b41%7C1b5,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:85,readyFired:true%7D&br=u
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-116-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
x-server-name: dt66.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 44f6f1a3-1654-4125-9433-56846fa756e8 Show response
consumer.krxd.net/consent/get/ Frame 2FE5 237 B
429 B 103ms
50ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/44f6f1a3-1654-4125-9433-56846fa756e8?idt=device&dt=kxcookie&callback=Krux.ns.volvoemea.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 945df570e3544b239652f3404cfa6d5317668e3ffa5996700993251508a8029d

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4072-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1621201783.673869,VS0,VE27
content-length: 190
x-cache-hits: 0, 0

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/ Frame A26A 4 KB
1 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c97fea4b5ca3bbd1127731b895a86921e99d914971ae60beea7c51bd613dcb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12132108151055701416/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1334
date: Tue, 11 May 2021 11:19:37 GMT
expires: Wed, 11 May 2022 11:19:37 GMT
last-modified: Tue, 11 May 2021 07:47:40 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 469805
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C6C4 0
0 60ms
59ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpyQcdpOhYIjFA6iU7_UP59al6A285aniYpjzl42RDtzZHhABINKPxh5g-4GAgIgKoAHq_KzOA8gBCakCzo_-MHRgtD7gAgCoAwHIAwiqBOYBT9CqesdpLhe1oKwhN8Q-wX2zPtX5MjVxa8PTkR-C9qm1TeZ0LPHAgX7XoMTETuuqALGrrT7DRBEPISXvJ42-ERwsxynA1mivWTlQ14Bg9pvBcOoN7h42kvh-rW1UDiFcKy7gFzj-bdjl-ZzgH4la8MYVy8CvuVHvUI3rW2-U0aNZnbv1JM3HrwNUj4QkESXkjZsdijb3HSJQuABKV-CAtUc_j1EjDNs8ybseWya4554ZR5RcCCjkIEjgKAdnpRV59qJmHOPB4Vch6rCYm2MXRgjE5IKx4p9-d2Mj0CsiSEF7ksHcUDnABLqoqNjLA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf-gtMxqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJOwAtIICQiA4YAQEAEYHYAKA8gLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi02MzMwNzkxMDk0MjYwMTQ5&sigh=5kJ-jat5IV4&template_id=419
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame C6C4 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:35:15 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame C6C4 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:48:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6C4 117 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame C6C4 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 May 2021 21:47:52 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C6C4 0
0 14ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYRcDy5qG15qiUD1Yjv5wLy7OERFS3I-nrphCdDb0F6akiMfmpxJwtxffgHXcB_EfU66-DjeRhlH98BYjhGubeE0CaoA
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F6FF 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkVsZagR1kzVwbOEY2AQdOMKv4gKjZ-m9Msgd5UOGPyVItHvna2uW6WW3miiuk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 16 May 2021 21:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1223
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A26A 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 16 May 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A26A 26 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 16 May 2021 23:11:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame A26A 87 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38341
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 11:10:41 GMT

GET
H3-29 200 vmouse.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/ Frame A26A 4 KB
2 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/vmouse.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd663da386f5e809875f3ad2cbf63a33edeca1d32fd975ccc1542c9658aab092

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 469803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1787
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:39 GMT

GET
H3-29 200 jquery.scrollTo.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/ Frame A26A 2 KB
1 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/jquery.scrollTo.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b83fcee9839111a1815ecc23fc714b7bf2c2f40c0f130d96aa9587d25388970e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 469803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1305
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:39 GMT

GET
H3-29 200 in5.config.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/ Frame A26A 44 KB
13 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/js/in5.config.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01300f75a9a482e057635d1d1d5a232767706eba3f0868d019e004f053ba4495

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 469802
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:40 GMT

GET
H3-29 200 pages.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/css/ Frame A26A 19 KB
5 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/css/pages.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f46ae63e1f30f9c5b6f1422fe0e4b8c79b902ea76e38ed9328d8d7d8a6add24

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 469803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5183
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:39 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:39 GMT

GET
H3-29 200 loading.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 6 KB
6 KB 7ms
6ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/loading.gif

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3036bee9f749fdca0544a5592ce8da4204fab8f2b68edc6ac3905c90266014d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469802
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:40 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:40 GMT

GET
H3-29 200 item_234.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 10 KB
10 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_234.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469802
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:40 GMT

GET
H3-29 200 item_248.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 5 KB
5 KB 14ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_248.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19f0180a799683bba1c03944f8f93145928c9bb079907025329d14260f2b2ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469802
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5099
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:40 GMT

GET
H3-29 200 item_289.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 10 KB
10 KB 13ms
10ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_289.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:41 GMT

GET
H3-29 200 item_282.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_282.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

593e3f4cea11f807d0e6950fbf1fe559b0badeb75aa87a4b040600eafb9fd5db

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3089
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:41 GMT

GET
H3-29 200 item_339.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 10 KB
10 KB 18ms
15ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_339.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:41 GMT

GET
H3-29 200 item_361.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 2 KB
2 KB 17ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_361.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685c56af1c171a28b6453dcf77aed041f7bcee6a30efff15247c4248449255a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1642
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:41 GMT

GET
H3-29 200 item_411.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 10 KB
10 KB 15ms
13ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_411.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071dc7f330af3cbf3e8026aacdcbe92c25b80fa573858a19d257407fea385b3f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9957
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:42 GMT

GET
H3-29 200 item_394.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 1 KB
1 KB 14ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_394.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5355f8dd9c277c28e05f47621a4e9813d6652fb43614ed4273a11be48ca8f34

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:41 GMT

GET
H3-29 200 item_399.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_399.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d34b670139c7b5662f5c236451f1873b40d53497277ecb0e0859c2ea40f4f734

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3277
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:41 GMT

GET
H3-29 200 item_242.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/ Frame A26A 4 KB
4 KB 12ms
11ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/assets/images/item_242.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12132108151055701416/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c817675d9f661d56fc48e850c76e7d5fbdec5783a2c191982e740359bb569b8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 469800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4153
x-xss-protection: 0
last-modified: Tue, 11 May 2021 07:47:40 GMT
server: sffe
date: Tue, 11 May 2021 11:19:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:42 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FF5 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcHAldZOhYOjnNpmT7_UPxZC9kAIAAAAAOAHgBAI&bg=!WlmlWR3NAAY59bwoOfU7ACkAdvg8WofQbkN8cIgp5ZrSRIrtVymb5NEQEj43RnGerXcjmPKtYR470AIAAADLUgAAABtoAQeZApvcFxyG5a3XqfYjmzaqHkcO4pTdaS7HvzR9chGHwi8U_kqvpFKw4C6Fd0EM8oZEhghsyCVRbZY4s5eAmeszfQXCocpQTVbaBbMBHUs02SXz4a650aa4xlPZqXXQ-GY3kjB8UnmgxeCmn7OAvdgg2LMB2425q69fvb4UJALieT574iasbl92mHTpRa0kLA3yvmDNR7XVmetJJ9mY9MemVkD5pyDrjD1u0y1ZxWi0K997ej9ZvOukT6ccc3YqPFdGUvL7QhBtR6KTbYDwoP2PAPrWKhjAK1q1aaEfwmFY9EsbX3LboOqrLxw9RijjOJ-CkQZpFak4NHxb_5nIhjUdBN5Q1pa8yCE6pMAEmnoBDuw8Tb1GqWSIOO4L6T0EFUW4m9rBBdD0asXw9FQljFCt7Qzuo5AJ6tMtqvYyEGhFPJUbz-5Jo-xPuTK3I-h4Y9QM9OYg2VjlTrx032vWf3ygTmdUt8gCs2AcmRvITY7bIw31tonNCH5svLAOcAwrhyYb_J-HAu04RJ84tmOd8uxnV_Hvs7XGVDdeBLaO7xj3OCfCfUpIPe4UPLnIpU2KkOB9TRJJ8bpERWaiNvWF1ftaHXTpWmBgZujikQt0EVvoFnc3gR7ld2TwnBxAABPD2iF6r9U13LwBe4mCtUlexTMn5u0tdhNv3poXnGkUKCB7WQpr48BfOZCiT-YLx0LRXI6PhUM02rKgR3S7g8cy0js5p5-bkF5ip80NUwgoPMOaQiKPi_T_WcrMzLLJBIaxzImFtAjutIkJY00rPlwkrCIDMD-ypvLkqvdydZeq-LaoLNKng_7KdoGWe62OKrMrDyKmwwSGo76cuQxeANSNpz_ZnO6BurmP14Rl67zm1IlZpK5gseNiPYxGQlCFTFAU

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C6C4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a819f2e6ce65128ebc658ae24fb6b0c5f9ec9a2e6c491204ca967b892e91933e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D8AB 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bridge3.458.0_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 07E7 573 KB
188 KB 27ms
8ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e3b76bf5d88736c9b9656cf2810230a811e0e3b7a1e0de037f4345a3e971529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.458.0_pt_br.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.dynad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.dynad.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191996
date: Wed, 12 May 2021 02:16:50 GMT
expires: Thu, 12 May 2022 02:16:50 GMT
last-modified: Wed, 12 May 2021 01:31:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 415972
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D8AB 44 KB
16 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sun, 16 May 2021 21:49:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D8AB 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9308 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 639
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sun, 16 May 2021 22:39:03 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F6FF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkVsZagR1kzVwbOEY2AQdOMKv4gKjZ-m9Msgd5UOGPyVItHvna2uW6WW3miiuk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 21:49:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 16-May-2021 22:49:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 16 May 2021 21:49:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 16 May 2021 21:49:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2FE5 43 B
215 B 95ms
94ms Image
image/gif 52.21.116.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=706877&asId=e32cd4bc-89d9-e6ce-7eb4-3dad6a76cc4c&tv=%7Bc:cOVMLP,pingTime:-10,time:676,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1621201782956%7C%7Ca3ac6337eb5b384413dd3667a4eb297b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cee537c70e66d571e62e911b52b5365c5%7C%7Cfa132c161a10141032664b9afe759c5f%7C%7C9316163ba58a123c589e37bfdbefd3ac%7C%7C712e222f608f41440ad22644c9cf7821%7C%7Ccfe111e1cefa4f70fd893f888b62718c%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:848,ecd:40,tsecr:30%7D%7D%7D
Requested by: Host: 9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
URL: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.116.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-116-104.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-server-name: dt39.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=O%20%E2%80%9CPL%20da%20maconha%E2%80%9D%20e%20as%20prioridades%20tortas%20da%20C%C3%A2mara&il1pi1id=960eae20-b4ef-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=76&z=1612257985

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Por%20que%20os%20dist%C3%BArbios%20internos%20entre%20%C3%A1rabes%20e%20judeus%20s%C3%A3o%20a%20maior%20amea%C3%A7a%20a%20Israel&il1pi1id=7192a5d0-b4f7-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=77&z=1787157725

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=%E2%80%9CGuerra%20a%20crimes%20sexuais%20contra%20crian%C3%A7as%20%C3%A9%20cada%20vez%20mais%20tecnol%C3%B3gica%E2%80%9D%2C%20diz%20especialista%20em%20cibercrimes&il1pi1id=808e2860-b4c1-11eb-a9ed-898d61679f0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=78&z=1458333168

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=594716913&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=2019157809.1621201778&uid=&tid=UA-23088598-1&_gid=581254656.1621201782&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=79&z=704575434

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 04:28:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62490
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 07E7 20 KB
4 KB 415ms
291ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=1875841779684715&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&vpa=auto&vpmute=1&sdkv=h.3.458.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2829802952&sdk_apis=2%2C8&sid=BF44F819-95A9-48B5-9530-7D6AA0C18FD9&eid=44725356%2C44739555%2C44741233&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1621201783002&scor=845689254651488&ged=ve4_td1_tt0_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e1b44dd23d067894982c68b81905501ce7b775bc5e03d3f6a7d96c4bc3388233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3726
x-xss-protection: 0
google-lineitem-id: 5681019551
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347846892
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 2FE5 82 B
240 B 33ms
32ms Script
text/javascript 34.255.31.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.volvoemea.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.31.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-31-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fb4f40816efe587f63b97cb25866178f65718b214a333f4f20a1b4b066994445

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:43 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1621201783
x-served-by: beacon-n003-dub-prod.krxd.net
content-type: text/javascript

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FE5 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfguxjqv6EkjK22keKARHwd_mLxCm8JG4rSdHLI7TO-fKn0S8UskUL4QOYtWad8FsAC64nnN0MLQ_hK1xdfxvto_jEhFMMPF7NB1nbuEIri7w9rQgwcSDvq_jdyA&sai=AMfl-YQCRRisV1gc0h3yDGohJahK3E4b14OTTFJCsqtp3UByI-vVBiJFam_KS0CPr_BL1U3S1Y9n_W1JLDTzcNSPXycwCBWjLCH3o_MKzaf_cMY3HP5C4mVL5FDKewk&sig=Cg0ArKJSzAsGq2C-q4L4EAE&cid=CAASEuRorRXHobZZJ_QWmw9DTxgqew&id=lidar2&mcvt=1001&p=1100,436,1190,1164&mtos=974,1001,1001,1001,1001&tos=974,27,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2713759382&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621201781770&dlt=7&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FE5 42 B
64 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstw_ARycBX41Unr5bzZw01CydSDBDzwTAxeopdyoWjvBN9cUpRvrEjT4BhZQC6K7BGi1i8Rdc_Vt1RFqwN6cX0&sig=Cg0ArKJSzIkTDP22o43mEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=943508953&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 07E7 0
331 B 32ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~korpollr&c=5030016991152&slotId=2515008495576&qqid=CNPXk6OXz_ACFXOAgwcdizQFcw&gqid=d5OhYJfwCIbJ3gP0sY3IBg&fb=ima-html5&sdkv=h.3.458.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vmfc=9&vhc=0&ghmsh_eids=44725356%2C44739555%2C44741233
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 07E7 0
23 B 59ms
59ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdaAt5p78QajxqcoL_SnrMeUe08V5icLCx-N8ZbKdQ-7H7_7_LmMAyFpM3LjtrD5PYMDg1iK92RpNPCAbg81Y3ikkBgKzXQ7ytMaQNmXKMnUekmR-P8gpe5_iplZ5tJFTpVwL8zdvmUnSbKxnRnDVI-1aJqAaMdZnFdhdC0T4dlGnAF-Sw6s2kLZ3-HWUP4V5GYOqlYu-gt6GG3mBfCgwR8wNjt2Gfg4s2Yx-sJB6OkT9_h3NoRrkWc0BwXn9wq9kf-hLVq1cc88wfoutKHuWd-kqNUarGBl3TOgVL8BSLH61ciyLGeTWZDxfuM9z-S-JE5CA4rLKeZTTwxLyFC2gHDw&sig=Cg0ArKJSzI-u4MRcsnOsEAE&sdkv=h.3.458.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCjA1IoCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9QABgB&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame D8AB 0
54 B 12ms
12ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~korpolg4&c=5030016991152&slotId=2515008495576&eee=missing-element&bi=missing-id&ulv=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
t.dynad.net/pc/ 70 B
422 B 196ms
195ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003220;ord=1621201783468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE7 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
server: D3-FE7
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Sun, 16 May 2021 21:49:43 GMT

GET
H3-29

200

48 Show response
r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/acao,ctier,... Frame D8AB
Redirect Chain

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/ip,ipbits...
https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/aca...

977 KB
977 KB

17ms
8ms

XHR
video/webm

2a00:1450:4001:5c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/47E19232FAFB5C52885B7A06B2928DA6EF074345.0F9E56EEEA378F0DE78A58E93BBBA81C9D4AD5F8/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:121:131a::2/mm/28/mn/sn-4g5e6ns7/ms/nvh/mt/1621201221/mv/m/mvi/5/pl/48?range=0-999999&file=file.webm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f08f1ad5fcda278838126a53b36968dbe612ea56ec8d33a480700dade37de120

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1000000
client-protocol: quic
last-modified: Wed, 28 Apr 2021 14:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: null
expires: Sun, 16 May 2021 21:49:43 GMT

Redirect headers

date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 717
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/47E19232FAFB5C52885B7A06B2928DA6EF074345.0F9E56EEEA378F0DE78A58E93BBBA81C9D4AD5F8/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:121:131a::2/mm/28/mn/sn-4g5e6ns7/ms/nvh/mt/1621201221/mv/m/mvi/5/pl/48?range=0-999999&file=file.webm
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://s.dynad.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://s.dynad.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621201783486&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&n...
https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621201783486&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&...

64 B
331 B

51ms
50ms

Image
image/gif

99.86.242.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621201783486&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621201783486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-124.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:43 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: MP5LiuQBJnBUd_WoiK7ufV_uow-OzWjVzeeDZEI_IrvqPTz9q8Xt-A==

Redirect headers

date: Sun, 16 May 2021 21:49:43 GMT
via: 1.1 9a736972b021a4b2382c29923f73ce8b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621201783486&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621201783486
content-length: 308
x-amz-cf-id: rCkqu5U1a-N9BE-aeUV83IqdeYBw4GsofzEQGDsFjgJKT504lMcfWA==

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 201ms
200ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003219;ord=1621201783487
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE7 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
server: D3-FE7
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Sun, 16 May 2021 21:49:43 GMT

GET
DATA 200
OK truncated
/ 873 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 csi
csi.gstatic.com/ Frame D8AB 0
17 B 30ms
16ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~korpom21&c=5030016991152&slotId=2515008495576&ps=0x0&met.4=hvd_lc.korpom21~hvd_src.korpom21~msms_oso.korpom2a~lvlcl.korpom4x&umsem=1&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp8%2C%20vorbis%22&msms_cs0=350000&msms_ns=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fsdkloader%252Fima3.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame D8AB 0
17 B 27ms
14ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~korpom5j&c=5030016991152&slotId=2515008495576&ps=0x0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fcore%252Fbridge3.458.0_pt_br.html%2523goog_21490772&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame D8AB 0
17 B 26ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~korpom5j&c=5030016991152&slotId=2515008495576&ps=0x0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs0.2mdn.net%252Finstream%252Fvideo%252Fclient.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame D8AB 0
17 B 24ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~korpom5j&c=5030016991152&slotId=2515008495576&ps=0x0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fredirector.gvt1.com%252Fvideoplayback%252Fid%252Fb48a822c7a239630%252Fitag%252F44%252Fsource%252Fdclk_video_ads%252Frequiressl%252Fyes%252Facao%252Fyes%252Fmime%252Fvideo%25252Fwebm%252Fctier%252FL%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1621223383%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Crequiressl%252Cacao%252Cmime%252Cctier%252Fsignature%252FB331F0A02E3F2B419E2BC9ECD4C1C38B71BD3A87.0CD489E3D07AB5B6518F4E0205DA20E29F3C6A%252Fkey%252Fck2%252Ffile%252Ffile.webm%253Frange%253D0-999999&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 07E7 42 B
64 B 69ms
37ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 07E7 0
23 B 61ms
59ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvEeJXFgCzv3pEG9LbZseRQzKovQ4Pw_n-0a9f3LnIumhkt7mgcHQuXsxODPawgPVG8lK_U-g6qd_08jbHLFIz3XSlobaqIHLM_yuUQGdx_ArYODtdKQuBOzHibP_oRHbN0ToopNtsPGBmQKSRaMKxflKa1RVHQjCIO0-OCYz1aji69f7Bs630MNsF653Q8rbeqQxKkcfQ6Ia5jKxOMW_FH-t1PXFYTb05TZ2cJ1l6KrqvZXhlj9RihEsU_tj7XmuN5I3JmksvEBxe-dI0WUlY1YTSmEzzmnH900zKo1KVhLK2BjIFcl6Ek0RC3azZIol_q7k8P9j9Jw30URmHQ0Y&sig=Cg0ArKJSzAYp_xHjcZ_vEAE&sdkv=h.3.458.0&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 07E7 42 B
64 B 61ms
38ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BWOvUd5OhYJPACfOAjuwPi-mUmAfzlL_9RQAAABABII7oriE4AFjsubKxgwRg-4GAgIgKsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAhx7bYdpdIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoLSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=G8KVP7zRvao&label=vast_creativeview&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D591%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D474555232%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621201783599%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,aud%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1621201783467&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCjA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IlQFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 07E7 42 B
64 B 59ms
36ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BWOvUd5OhYJPACfOAjuwPi-mUmAfzlL_9RQAAABABII7oriE4AFjsubKxgwRg-4GAgIgKsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAhx7bYdpdIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoLSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=G8KVP7zRvao&label=videoautoplayed&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D591%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D474555232%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621201783599%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,aud%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1621201783467&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCjA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IlQFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 07E7 42 B
64 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseB9txrshRtS5yb_tz8q5JVezC6vgDeGRzz6vDg9yvWWaEOFUMMBCUXSP6yaRKbZ-eNYPSVQ5vkf7LmNboP9L2BW2JOivsFj6xkW31a2I&sig=Cg0ArKJSzF0R9vj42vm9EAE&id=lidarv&acvw=sv%3D895%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D591%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D474555232%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621201783600%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,aud%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621201783467&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 07E7 42 B
64 B 57ms
35ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BWOvUd5OhYJPACfOAjuwPi-mUmAfzlL_9RQAAABABII7oriE4AFjsubKxgwRg-4GAgIgKsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAhx7bYdpdIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoLSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=G8KVP7zRvao&label=part2viewed&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D591%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D474555232%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621201783602%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,aud%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621201783467&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCjA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IlQFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 07E7 42 B
64 B 56ms
35ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BWOvUd5OhYJPACfOAjuwPi-mUmAfzlL_9RQAAABABII7oriE4AFjsubKxgwRg-4GAgIgKsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAhx7bYdpdIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoLSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=G8KVP7zRvao&label=admute&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D9%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D591%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D474555232%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621201783604%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,aud%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621201783467&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCjA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IlQFQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6C4 42 B
64 B 50ms
46ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOX_lT14OusecEPYaezcvUag9x9jztODZpj2xJ978DRUuFJYHcTdbgYl_gw3W9oAcr9Ap0SE9fe7ejDC_ezYxtrxNqBYyFPrs1ANI6VGdcsSJglG_BPojcqLtRtA&sai=AMfl-YQ2zYzVQOUvAkxtZi_mXwBlXmPfYaehn_TuwdLQLhMDDLYv07s-kJN03gI42yAaWlhP53qwwyTTVgR0FayONJ7K4qjjaDK11Zp56bAz1L3zqWeKwO_tJB5il68&sig=Cg0ArKJSzEO3JIF0_Q_kEAE&cid=CAASF-RopIsY8hQ4R2bqSa_7dexYsyv64nF8&id=lidar2&mcvt=1000&p=311,436,401,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1651446792&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621201782548&dlt=27&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 424ms
424ms XHR
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: / Express
Resource Hash: bafbecb52eed78f5d17cf710d3fb91a25037ed926bdbe4d25510b7edba8ce1e8

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 May 2021 21:49:44 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
etag: W/"543-VVStMj6ei+JzGv0k4iGry7qZUEs"
x-amzn-remapped-content-length: 1347
x-amzn-remapped-date: Sun, 16 May 2021 21:49:44 GMT
x-amz-cf-pop: FRA53-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fcP6zF3bIAMF6Ug=
content-length: 1347
x-amzn-requestid: 03ad07bb-8adc-4b05-b3bb-ec7cbca074f6
x-amzn-trace-id: Root=1-60a19378-65553a8f20012f7c7c69b53c;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 55zVWL2KR7UR0EQRlVo5do-Fs-RzyD9GG5DKn8GwdwC9SIpLfvIwlw==
x-amzn-remapped-connection: close

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 117ms
116ms Preflight
application/json 143.204.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 143.204.209.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-103.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sun, 16 May 2021 21:49:43 GMT
x-amzn-requestid: 29a376eb-402c-480c-887a-960827543eef
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fcP6vFlJoAMFj6w=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: momjc9tZINezNy5_KtnXJaSGTAKCShp9glAmtS3SRnlvVDUxaY6wLA==

POST
H3-29 204 csi
csi.gstatic.com/ Frame D8AB 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~korpom5k&c=5030016991152&slotId=2515008495576&ps=0x0&event_name=first_play&asset_bytes=165&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=5&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=4&video_played_seconds=0.01&video_muted=true&video_seconds_loaded=5.10
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D8AB 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 csi
csi.gstatic.com/ Frame 07E7 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~korpom1c&c=5030016991152&slotId=2515008495576&qqid=CNPXk6OXz_ACFXOAgwcdizQFcw&gqid=d5OhYJfwCIbJ3gP0sY3IBg&fb=ima-html5&sdkv=h.3.458.0&mrd=4&aab=0&itv=1&gpm_i=9&gpm_c=8&gpm_a=7&smb=1000&br=720&mt=video%2Fwebm&vs=854x480&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Capplication%2Fx-mpegurl%2Capplication%2Fdash%2Bxml&hvmf=false&vms=1&bit=44&vsrc=dclk_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 07E7 42 B
64 B 40ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseB9txrshRtS5yb_tz8q5JVezC6vgDeGRzz6vDg9yvWWaEOFUMMBCUXSP6yaRKbZ-eNYPSVQ5vkf7LmNboP9L2BW2JOivsFj6xkW31a2I&sig=Cg0ArKJSzF0R9vj42vm9EAE&id=lidarv&acvw=sv%3D895%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2005,0,0,0,0%26mtos%3D2005,2005,2005,2005,2005%26amtos%3D0,0,0,0,0%26mcvt%3D2005%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2215%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D611%26pst%3D410%26dur%3D30071%26vmtime%3D1960%26dtos%3D2005%26dtoss%3D1%26dvs%3D2005%26dfvs%3D2005%26dvpt%3D2206%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D591%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D474555232%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1621201785810%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,aud%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2005&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621201783467

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 May 2021 21:49:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/ip,ipbits...
https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/aca...

293 KB
293 KB

8ms
8ms

XHR
video/webm

2a00:1450:4001:5c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/32620EF81FAACD0EA4DF3467D1D2D5B1C9F7DA00.27556F874CC2383A77C4B40DBA19F396A0D8511D/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:121:131a::2/mm/28/mn/sn-4g5e6ns7/ms/nvh/mt/1621201221/mv/m/mvi/5/pl/48?range=1000000-1299999&file=file.webm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c632614a87d18ed47c87cc0b0c9dd554cc487bee7c85cf968463989f7630a042

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 21:49:48 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 300000
client-protocol: quic
last-modified: Wed, 28 Apr 2021 14:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21295
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: null
expires: Sun, 16 May 2021 21:49:48 GMT

Redirect headers

date: Sun, 16 May 2021 21:49:48 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 724
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-4g5e6ns7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621223383/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/32620EF81FAACD0EA4DF3467D1D2D5B1C9F7DA00.27556F874CC2383A77C4B40DBA19F396A0D8511D/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:121:131a::2/mm/28/mn/sn-4g5e6ns7/ms/nvh/mt/1621201221/mv/m/mvi/5/pl/48?range=1000000-1299999&file=file.webm
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://s.dynad.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://s.dynad.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/morinigo-eliminacao-coritiba.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/coritiba-eliminado-paranaense-desastre.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/follador-e-o-perigoso-costume-da-derrota-no-coritiba.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/lazaroni-admite-oscilacao-no-estadual-e-projeta-mata-mata-equilibrio-e-estrategia.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/parana-clube-athletico-jogo-quarta-feira-maurilio.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/parana-coritiba-provocacao-paranaense.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/fpf-muda-data-de-jogo-de-volta-de-athletico-e-parana-na-arena.json

Domain: apps.gazetadopovo.com.br
URL: https://apps.gazetadopovo.com.br/cxense/cxense.json

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEFjbUSgpr3yepvvJ58tv9Cs&google_cver=1&google_push=AQvitUJtRopBJfr61aWDp6_zJ8PuKhvEhSjPFiL6wRQqkji7GhIil1ejp7PG3cl9Rzc11pwAAdn0OIlQTwbN5yQuroFqrTJP3uw

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEIHYltyBCz39s309LcSZMwA&google_cver=1&google_push=AQvitULv5QzqvpWzJKEwcZ-2T4AbI4SOjG3ess_nHhj6GA4sygwI1nOWx8oAVXoPxW-6_0XWKJX17JPY8y0sxRLMMbjq2Hzl-SVLoA

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 22:43:32	Name: NID Value: 215=YEnAtDFFLGE1ZcGJSdX0UqH0Z6Dhg_aNeaWXZkAJAB_lqa0Gzw6DnO3m5JcDvZtS1u2R7uJ89wOwdLY5NpmFpzz2vJBfaDiHJtx9970JadLdI_dcyU9Gd8tvEEt5cGhWyalnz1PoHKz5jTDWxZU5aW0e57Dl_PAi-58PK85J5Qc
.gazetadopovo.com.br/	1970-01-19 20:29:37	Name: _fbp Value: fb.2.1621201778320.514499332
.gazetadopovo.com.br/	1970-01-20 11:51:13	Name: xbc Value: %7Bjzx%7DybbjiQtYOerZwoeutfi8NwuA3KzWBp4Nro5iZKkOt2pxxefW97WbbYDrPuXQ-z4KqlO20CAJf9HxE2jeRA3OMYToWNZ2nYZdDRAUUG7DzsWNhrxHifmjfe4IicHjeHvAS8B30if1IGVbfE9cg26I0VqHENf2Rj9szlJlkmZCAJAZPNAZpIUa_crKsq5RaZY7FjZss2kbSVPUI34h2T7QaCZfcZ7At8aVdRL5mbl4JVd4G60iRG13uFd81WwjTeYP2OCPjx10U9NidhRiOImiJu0MlNY3V0_1XbxO5duMI_ci3K6BspSYjiSddh4acIeW
.gazetadopovo.com.br/	1970-01-19 18:21:28	Name: __pvi Value: %7B%22id%22%3A%22v-2021-05-16-23-49-38-107-LO5CbxzyJvgEvrE3-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621201778274%7D
.gazetadopovo.com.br/	1970-01-19 19:03:13	Name: __pat Value: -10800000
.gazetadopovo.com.br/	1970-01-19 18:20:01	Name: _gat_trackerInfocoder Value: 1
.gazetadopovo.com.br/	1970-01-19 18:20:03	Name: _hjFirstSeen Value: 1
.gazetadopovo.com.br/	1970-01-20 03:05:37	Name: _hjid Value: a75a0a2b-01e8-466f-a43f-2c9e1e4cb8a8
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.gazetadopovo.com.br/	1970-01-19 18:20:01	Name: _gat_UA-23088598-1 Value: 1
.gazetadopovo.com.br/	1970-01-20 11:51:13	Name: _ga Value: GA1.3.2019157809.1621201778
.gazetadopovo.com.br/	1970-01-20 03:05:37	Name: cX_P Value: korpohkutl78fg54
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: cX_S Value: korpohkt6pyj1nd0
.gazetadopovo.com.br/	1970-01-19 20:29:37	Name: _gcl_au Value: 1.1.817852080.1621201778
.gazetadopovo.com.br/	1970-01-20 11:51:13	Name: __tbc Value: %7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvnfSe2aG0aDehQRDmVR656Khsrg8SWAZ-XmYHGTM83e0vDUzNKF9oX5eGqRNoACSt68fk79v-XRQP4j4wvVJcfiYOFoM1nCPnPe500b0Xqp_ClXXX7wZd7xhwozNxHCCQ
.gazetadopovo.com.br/	1970-01-19 18:21:28	Name: _gid Value: GA1.3.598204554.1621201778
.gazetadopovo.com.br/	1970-01-19 18:20:01	Name: _gat Value: 1

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/settings/initialAudioVolume=50/containerId=_dynad_c_I5550009734_16212017808991292278405/showPubHeader=false
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/load/https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=/8804/parceiros/gazeta_do_povo/in-article&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo%2Dauto%2Dplay&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=28048886472807876&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/active_display/true
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.003173828125 ms
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/533/299
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/play
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/350/196
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/start-counter

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
9e964e6c53f0a53421cff3c505e22316.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
analytics.twitter.com
ap.lijit.com
api-v3.tinypass.com
apps.gazetadopovo.com.br
assets.gazetadopovo.com.br
b.t.tailtarget.com
beacon.krxd.net
buy.tinypass.com
cdn.krxd.net
cdn.onesignal.com
cdn.privacytools.com.br
cdn.tinypass.com
cm.g.doubleclick.net
code.createjs.com
code.jquery.com
comments.gazetadopovo.com.br
connect.facebook.net
consumer.krxd.net
csi.gstatic.com
d335luupugsy2.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
events-api.gazetadopovo.com.br
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
gdp-prd-data.s3.us-east-1.amazonaws.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
infograficos.gazetadopovo.com.br
json.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
match.adsrvr.org
mcasproxy.azureedge.net
me.jsuol.com.br
media.gazetadopovo.com.br
multimidia.gazetadopovo.com.br
news.google.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
play.google.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
r.turn.com
r5---sn-4g5e6ns7.gvt1.com
redirector.gvt1.com
rtb.openx.net
s.ad.smaato.net
s.dynad.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
scdn.cxense.com
scomcluster.cxense.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
ssbsync.smartadserver.com
static.ads-twitter.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
t.co
t.dynad.net
t.tailtarget.com
tag.navdmp.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tr.blismedia.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
um.simpli.fi
um.wbtrk.net
vars.hotjar.com
www.facebook.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.us3.cas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
apps.gazetadopovo.com.br
google2waycm.netmng.com
json.gazetadopovo.com.brhttps
um.wbtrk.net
104.244.42.131
104.244.42.5
108.174.10.14
13.32.6.61
142.250.181.226
142.250.185.226
142.250.186.34
143.204.209.103
143.204.209.3
143.204.209.47
143.204.209.76
143.204.214.70
143.204.98.39
151.101.114.133
151.101.114.49
159.253.128.188
172.217.16.130
172.217.23.102
172.217.23.98
178.63.12.208
185.33.221.13
185.86.139.104
199.232.136.157
2.18.234.21
200.147.166.107
2001:4860:4802:32::3
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
213.155.156.183
216.52.2.48
2600:9000:206e:8e00:1b:3b3:e300:93a1
2600:9000:20eb:1400:6:5b96:3f00:93a1
2600:9000:20eb:6e00:4:5c96:9080:93a1
2600:9000:20eb:bc00:16:bc5f:3e80:93a1
2600:9000:211a:a200:6:45ad:3580:93a1
2600:9000:2156:3a00:1f:3000:7b80:93a1
2600:9000:2156:7600:1d:7626:ce40:93a1
2600:9000:2156:e800:13:9bf5:7100:93a1
2600:9000:21f3:2800:12:af17:6680:93a1
2600:9000:21f3:c000:8:7f48:3500:93a1
2606:4700:20::681a:415
2606:4700::6810:cf3
2606:4700::6811:4edd
2606:4700::6811:b6b1
2606:4700::6811:b7b1
2606:4700::6812:e234
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2804:49c:3101:401:ffff:ffff:ffff:50
2804:49c:3101:401:ffff:ffff:ffff:52
2804:49c:3403:2676:ffff:ffff:ffff:6
2a00:1450:4001:5c::a
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9b
2a00:1450:400c:c0a::9d
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2bf::268b
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:16::1400
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
34.102.185.99
34.243.68.123
34.255.31.14
34.96.105.8
35.227.252.103
40.81.121.140
52.21.116.104
52.216.18.51
52.217.82.8
54.76.195.29
54.94.253.231
66.155.71.150
76.223.111.131
99.86.242.124
0071c7a900a92904c5b673d2ae6b025d09a732028ebc2929e089628edbd0c64a
00f5043ee153fd075a23d1bb83ac0790167dee2be0ce7677a265f3bd1fdb7813
01300f75a9a482e057635d1d1d5a232767706eba3f0868d019e004f053ba4495
018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461
01a5537bcbce3d21380990043af32e0651fd9330a42a3d23dbc26a39fc96d546
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
036cd4074bc09f061a7d6a56a3437bf4e7ce8d7b8961eb1a171fa0c1c1082d0b
0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25
0496319865f0ffb8aaacb68eb5d977ce944992bfc667ce12f3369607403ca8a6
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05daf5641860d931d49d2ca3a20ed7783556a7ff7e33ea605d06c90629649d3f
071dc7f330af3cbf3e8026aacdcbe92c25b80fa573858a19d257407fea385b3f
084a30fe8daf555b90f52e77a10c0087539fbb9b590d78c2228af4b4a41ce102
08793ea4fc976354c74035e76b0ffd935d45cb991b57557713709372969cc30e
08ce39333d3c79c0cb8fefee15cc8acfe274ece6d8aa3a581b08fbeb305ee75a
0927026130903cfe48341c0870520b14e5d1a462163b46e253ca4facec2cbf8b
0960773a73469200c61f42b66f50be09dc8c8e3ad35ae3279b4c87ba5e63472c
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0b4f3d9a482315852b45392fae2cb7f06373674eb4a3fbaafb7c6f7ea17a00f2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d014fe20933612bcc800fcd866327836eb165d15be6360bac248c519ce141fc
0d9513f328a32e8228fb91dcfd1aba8668faa83864292fee0c9f8cd0dfe736f1
0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4
10b80e7cd4c70895709c9987f8fc05b10a23ea7d1c310c0aa9cf9a8c4ce8b8b6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ebb3e0760ada317a54cba370a08d133552db2caee5b7e6acf4f52a641eecc1
123ee0825b070529e70d7a127a533a8e33f7f6e0b004bb1b368ce7d78fd0cca9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13bcb9c65187c5a752d9885939ea73db5bebc90bcbe5e26b1cc6e619b34303a6
1415f02c06c03be689f6066bccda8f184d97a088f41e4d088e3f7d371ac79d16
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b
175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777
17683bcd2cca80076f7b8297e67f76fff0e40188479310e58523ff63ee171586
1804ab7f6b042a6d9119277c61a7eaf3b9f3bb557e671327e41f91c877403231
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294
194dd165a2f7fa82f65c2d5e4eabb13a352d6cbdb24ea248dee23a92058a36ab
1a3a0566467a354e1984d17459c247951df3206db7a722459809b45e25453cbe
1a4cc0e434a49a85bef77cf1d345a20b952002eb8704dcddd90301e13d4bd67b
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1b9bb468bdbc52e7bcdb3d7bfafb1d7ce917407233817b97b9bbe2da7690bff4
1cfa8ee7bbc328e0f87bcb927046f16b786b9aba3c37d8ce90db6a85d53b1499
1d6fe15fe35d33f37ea9711b85b071960d8aff36e275f19b4c2463143a1715cc
1d6fedc4798eb727f5368a1764f155c0482f111c8b573dc17834b3939ca1ee43
1e7dc002385b9ba6e6d5535dc6819e1366acb49d4811ded8f58372572a9ee14b
1f0ac3e7e1d780529840e49909253f122e5b56036832b19e034fa3289dc95355
1f16c0eae6142f5ff772b436fda78af1642914530dd7b5ae7aa709f37e876fe4
2380ab708a75fc7442adfbb8fb830748d0214fd48d127a2802c50275b9885169
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
24c97fea4b5ca3bbd1127731b895a86921e99d914971ae60beea7c51bd613dcb
24f0d391fc42b6c6f6a1fa1567ee52db3c2f242219e28c2075e1077ece6322e6
257e248eca91e6f6f570cf1c9793dc0f56a6f55b3178a34fbb9d2a3c4b611a7e
259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39
260f5169d3ec2afa29bc51f1347e56b0346aff042efba4ef58f919d1d5010e58
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
27a6c243672ffb51b1a582fd5a4b3eeaff10901a70890f56f14236b0f7bfd867
2800e16d65493613d8ace6e0b8ed53877c7ac7d038fd1a78117f3778cdc27d86
289fb9eed8d8ebb41e4a1ed1e50fe919a7dccebf01e01480312b226e2aa4a93e
2bf086183b464af1ae432062d10d38133a39eb3f57ab3e9d5108d0c074880f11
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd20f7f3eb62fd36c0bcf3021b9cfe55bb84da873ea1a88717c61ef90dadf1f
2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d
2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de
3036bee9f749fdca0544a5592ce8da4204fab8f2b68edc6ac3905c90266014d4
32465dc09887d5b666172cf92f6637ddbcd8edce67e15e70ce8584843f12630d
3250111499e28b9453681469aba9fc222f2233e742e3164d8b215f47cca8d76f
32da867d8740d402963df7552cb6da4618c7b35b2fe6474b06fd7eb9333f7f69
3329fb41f79ed8fd473619f800f8e50bc5d963bb5ac6b0756269f04968f6c583
36d0b988fad57022324f75a6441b77cbf9f687684931fb7282314095d4128cb7
372694fc771ab17fa97cee300de1f8a0f6daf776a801c4f06ae247b4a029fa55
3762e3f063a0067c2bc6ae697efe0fcbd6f9489bba40dc1d4d0254ebafafde84
37bc97ea35a020adb37d83ea9b4c63dc4ca34cc8ef9ba731e15a7914a3852b90
37ef970abec9e060cd27738ebb3195713fb367ebcf37702e825c93d990b4c493
389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35
3be68f55654c74ca19226077afcea1c3814cea4652fbde4643e2681978af6025
3c6c115c8cb89663ef2f715c1d5112030c1abe8edc74e379e14b5d10d25da762
3c7baf9639de9aec86840a0b62c3f0003b36ace087c730795d4b12b0127bddfe
3c817675d9f661d56fc48e850c76e7d5fbdec5783a2c191982e740359bb569b8
3dfd65b75c85ebd9511c434ab51dfe5d35ea7e2f6cd1981eb9ecbb314a0546a0
3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8
3fd9fa38f29bbfba03b702b380979d2debbfeddc10943a46e8c10d60f0f00494
40ccd6bbb4279e57d63e1dba047c33455247a6eca6571f35d59e9c9afd574737
415d3d6cda5346ac9664eeb468920085fd2910508651ea3b93f77b8137d93293
4305cf47f19afb59b38a7b1107cfc9992346da5b5fdb412193c862a22cc1ac35
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47bb2760890a290ad550e791686a1d9648d2e398eb8342869819bbf68c3ae458
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea7c1a07806fb3a5016258f7cf407e05d51c43458c7fc8cadfc60cd1b8e979
4a22360dd6d94b4906b19fc6c6cd3d26e95f0a95b72d2517b0c49bdfdd66f537
4a3a2e63a4ea476dd546a2a0181ab72826f8706dc39649e7488c8e1bc3cba302
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbbbb39cbb414d18f93cd2676b61afa7ae2830355de347bcf00e01f0a0eeaf4
4c8559b3d9f89fac3a49716cc7ae77f6b922e2e5c82c81e4b558fcdb5a819e35
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e18ea6cd9278f2ecfcc5d3bc2f7404d8fb485d1d04e0caed95bd8f1906f6c84
4f13b209918edf848cea5fbeb22c615096e37b9496c3e320dcb03c01e8579460
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
51ebbcc0d1032e80874c0b1445b0a5e091e4706b7d2637e0ebbd315e7d90c718
5206dc36981bc22eab7da77fd4ee4034af56ab2e053edf04f5bba1500c291884
52f9ada7b17f9abdd7b8c5e55014236a3f52414de83aebfb06e822fee964f85b
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54a68f492921d1cfe7f8453d7b83502bebf6b4a27b9cdf4e7f5a51ad608db6ee
54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7
570650672fa929f98f7cf03d0cbead87398979cb2b59d9dcac8ec9531720426f
583cbcd535fd209324804675a70beb8933a7c0204ad87b19b4b286992b4c336a
593e3f4cea11f807d0e6950fbf1fe559b0badeb75aa87a4b040600eafb9fd5db
594927cc7f7801fa5a2f6c00b40b7925e0bfe294377b500b24b76f66acf67b17
5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b
59df371bf5a3fe381933993836f515e64c8b8f0b0d81b04a417c645700b6d369
5a5e3e9baab3ea602b9382fa4aab3b061d77b2604006c72813282b281ae99d2e
5bb5ff84e63393bb298a05213f488e34cfb5ac638a8b381a7a9e45c39e4100b0
5c57a6258d7d5683a6eea1726f2b726ffc2fd8eaccc1cbdfb69a93f7ce0d04d5
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5dc6fa0e3b728bf2952dc08085465c863cb0c04085b0aa06da1dae1d2e2a8208
5ed736d8aba55248a40a9c801b58dbb586b5083d4be20f53269e8b61d677108f
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fe89f2808067c83efad60379d2073b419ebcfdcffe5a87b7738a4530a11694f
60616ec1ddc6f55e71065b09f27f371cbf3b5ab82d9a08a9832e8e4acc27098f
60656548f6cd37dd7402d9cf541c2c2f729b8d766dc9e497d54bbbc01f2339eb
628a58eec2f50d080ea61c506ea0b1ea5cd68debb3670c9d926caabb8337ab82
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
62b38065a8a615b27ff55c26bbfb89b64e77bf9deed8a485add3669754ad9307
64095fe3e562a8fd781a22b6d119145f44af362ce8efa4af1a6d7ce9f78dedda
6437fefcd5a8ed1fc150bcb0cb5beeea3dc6346a68b2bcb773a6efe0ca95265a
65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
685c56af1c171a28b6453dcf77aed041f7bcee6a30efff15247c4248449255a2
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
68ffa15d880b918a604c4bf5a316fc700d8f71b6b06335074fdf0018cf34ccf8
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4dc3ebff73ec456fba2022af98851c463a45f1eb090dd9b02ec234bae39408
6d30e1f33652b01033d3af46e70f09d77f4fda2cfc400d4cb2f7f3f86fa2413a
6e3b76bf5d88736c9b9656cf2810230a811e0e3b7a1e0de037f4345a3e971529
6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da
6f46ae63e1f30f9c5b6f1422fe0e4b8c79b902ea76e38ed9328d8d7d8a6add24
6fa5d27ff3927dafe72c819b5f15d21bbf901671d26c07ac9d32da23e31f83e4
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
73bd5a23aafe8831ae3b1672f705e5abf5306911449b37fad47f0d72a2919c0f
74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96
75357fd177a0be860b0bae619682348a1b9bde0f8e2ed53fb68f44fdd3a33438
796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b
799f8acff99b00be4f8b088e70a74a90363be8948760360a5f848b3c1cf2de19
7a55d1bed6b3ef1db79ff0d7a6bb932099599a97cca2e4d2ceb069b7a908c637
7ab3cdcdd5a48379783757d3ea93f0fea27bf0a101deaa60129dfd9603f3f6f9
7c45936acb85087e8a5ae92fc4ebc184e7d08ed6227541427a3bb62caa9b2922
7d7bc926d5569df29d71239568cca1be8e851e5168220c3a2a69095c2a0fb04a
7de285ddb8303edfaa1f0f56dc6b862b1721ce63d865f1174670b71d3adea18d
7f9f1b00b41d8f26f6b1861605f9d0a4deaba1ba5cefdd5563ae71891b46a88e
8003de49ad6d72dbd6f6ec582e7de44946d990e18f763a8601089c901d0c0d07
8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7
80b7bc9ad3b815d7e0ec6011a41bf3c1219fbdb9b59141a5ae03aaf4e8f09b1a
82bbbc911bbd4cb4257174aa7fbbbfc19a4e13cce6d5e14c8296d37e4479478b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
898e426c0d1434a9d1fb208183fb15a3de3901e461ad8c5703d244882534c7e3
8adf7b5c55881bc2c83bdc0e5b88d82cfa037700b6fb944427e4b333a84562ee
8b76118974ef0ab46326990438dd1f1746712aeba32817184e792f8b46c94af8
8c5e5f9c3516530b000b023336d95bcdc0cf11b1a58dc236fdda801fc376de12
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
8f9d33367ad23e94af2c6a4703eab99d8f6a72abf40d1019d3be34ac56ab2db6
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
91e9164448bbb0306f0ad72dad13782ef08ae66a9ac3d9b857d9a57a8a3468a1
93c29356b85925ff806adbda076c942a77335fecee4715df51b86f50ba64082d
93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b
945df570e3544b239652f3404cfa6d5317668e3ffa5996700993251508a8029d
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2
9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a
9cb661e4929be3fbce0edbdf989e3dc897abff81c0412205d0a8ee507e41b841
9ce76c1a5edbfaa86d3d95d93c25a5a8022c70bf53177acee5067c1dfc85fda3
9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a21525f3b01371cf5cd313f733dee7148a4c0d9fe7126384aed6fa3aeb9b0c29
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ba9ffa08b8c4d5ce2ea6c83f0223e1cf987602d7fbcd56bfe3e8cc60be773a
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c40b9ac364e7c77ac95e53a6b382d82a2fa966722d2e3a0cad83474a4feb53
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a6a3c9807087811adc4d9d50b87bf5f84d82fe71cea8e31f57fa3b887f76f17a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a819f2e6ce65128ebc658ae24fb6b0c5f9ec9a2e6c491204ca967b892e91933e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd98206b576b8f71d5f658eba383fe662814156290ab60c56f9e63935df618f
aeb4a93ddd7bc34f79e42ac4d5986496b7e7ee219ea5a1575c874f1b9b23f0ed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6
afddb6162cf876aa5b7f7824c3815df516b449fe43599a38284a13205b9e9945
b0535cbcc0ffe88e1de1b05cef1e0a7d9d4fc9ffb2d914355f1b04c7790e7471
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b3fcda5d5d3ebea131b0235ef71f0252e9e395c860c5d5eec757790db07eb078
b4217cd168f164b006c464f9f563d9f24c18a700e67b24616aad1d714c0187e7
b426e4a036ad72cd6595ae2b074d19a2c96202900dd36a685be46b2dc335dde1
b46989efe6f677f60e6910de647de787ea36f57517abf351de67f89f9dc9ba84
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5f899be7fac4078a0488684439d1224652ca9123fc8adae8d7718933e5dd873
b79b127922a4dfb0eb5991f5b32439d0c7a374360718ffcbf7c6c095cdf43b97
b83fcee9839111a1815ecc23fc714b7bf2c2f40c0f130d96aa9587d25388970e
b8e0a46f1a28e4a7adc668158241a0748b4664b5e2fdf5d2e325936a5f09df36
b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
b9c7ebb797581cdb9b95dff3df6208bbe9af5c9bec404dabac94a7bb5ff60b03
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
babf9b4d3f19a5f57d8a37149b7367c713f3104c19fa4ed9efb7622652ecd67c
bafbecb52eed78f5d17cf710d3fb91a25037ed926bdbe4d25510b7edba8ce1e8
bcb0d55a82958ee5b4c01db8941572a31636c58c332b441356e00984c580edbd
bd60724cb9210212ed76686b7e74dce2c2c7cfa5fc7a5408c4b75fec59cfb1f1
bd663da386f5e809875f3ad2cbf63a33edeca1d32fd975ccc1542c9658aab092
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bee94f92f87881238a9d783523e1d3c6eae7d4f808e261eea83c5c5b585e6a60
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bfacb2f0a22d6ae61e4f69d09f6cc537af8a2b0d0cd9174cd56cab2d3c494258
c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c
c110089cdef8b21a42882056e0fee5c7a902ab54ae54fdbb1ca022fb6cf896da
c192ba214e94169e6f33b5979f9c04473f6098f9dacdf40b7965a1d2fd685127
c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c
c2accbcd4db6f651afc7dc798ba46e1c826bbbebb03a089de2c39388a6748748
c446d484fea7e707b40f59a23eb7981df50e040932cba4615581d5cb30e9de25
c5e50d1c9ac3a61b5eae353a6e814bc0373a6762a70d5a2584515a4375c1bfb5
c616bb9626ceeb878247763ff72103e1ffe8d7c43cf7dc7e7442d3b0d4d0cec4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c632614a87d18ed47c87cc0b0c9dd554cc487bee7c85cf968463989f7630a042
c78e49fc5675424a0d9b28f880b7a83a0e8172079f100042d1d4fcdf58e0a279
c7eb98f2451da8a6f5f6d31e590dd6c56ea58011363dcc614ada8b49597c227f
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300
cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace
cd8c8c0ff19c7335a9b34a9fab5afcbcd2cdbb6d877af2c45f143ae077d33df4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01387522bd0b23d643467eea489a8dca59fca8aa859bef983055d40d2120112
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d34b670139c7b5662f5c236451f1873b40d53497277ecb0e0859c2ea40f4f734
d43671f156b8198fa4c99e10f14c61c26cf0689b96b4c1619ffe714012148c35
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6d5c75ef2890b569b6f795bead913ea2b87ee173cfb7547af76d543b1d46757
d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1
daab4d839ebb17136ea284ef731da4edc5d43196a2426ce0b54993a571829dce
db92479c24fcad94851f07f810e2a8dd907993a3914359bf9918718c21740a58
dd57db2457291c5e7b829b76a495abbc7cd5d149a65209f1013ac7fd80353630
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de42571149eaab9f73801a5fb0df9602885385e4a3e366d9304dbccbb6562cd9
deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d
dee2ffb2b8d6e90bdec1a9f7bafee820de5c930fd8cb508e9e4693b8b4d15a96
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e16ac219cd21b31bcc7e87b0a626685910a4a3199ac975222f64f5cee5fa082a
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e19f0180a799683bba1c03944f8f93145928c9bb079907025329d14260f2b2ab
e1b44dd23d067894982c68b81905501ce7b775bc5e03d3f6a7d96c4bc3388233
e220ef583f653ea5dd0ad93e7ed543097839c1752591d4b7ecb5bd46c25e2769
e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4083aa0dd380a5939e813fea913a50fb1d5402cfc89fbd3316799bae34cc5e6
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5355f8dd9c277c28e05f47621a4e9813d6652fb43614ed4273a11be48ca8f34
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f
e7ddeed21b0c1105938ec883ff0b61a295c41d1ed41baf09552afc691b57218d
e7f3f11c7dc946d768710ef63ab41344d69f8112d19123c346d3f56fcc95e1b5
e876a4fb7d47dd96c0fd393614e4f589730f6c40a1c0f4fa9e4ad060a0e933f3
e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf
eaf473fd0258fa10aaebe997c35f15f9989a4b8ad42acf6ede1731ba26529553
ed8812944aa8ba9f40a5ceaf319b0a1f65a173eb9914de31bb352e1812b77945
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd588edada4c7dd64043783f7659cc4f58b1783871494f7fb871aacabfe3196
f07478b2d353c380ad500037450c2cf65c9b13430b3e4e1063855f87e9b7a90e
f08f1ad5fcda278838126a53b36968dbe612ea56ec8d33a480700dade37de120
f0cba0585f540d99fb8ba968e67bd20e1f55b3ba5838dcc0ebd869630d868ea6
f15c359d8e7e5831725c38fd397e6e065fccd867dc06dab8d92ea86ebc145880
f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a
f363bb1263ff140c7a599ac408717e56d801c29238b25bb8506a7a09527408c3
f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec
f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f4ec649d2dcca2127705338bf4025717185003216687b7d5a9cd6db9024d919b
f59078f7c727d97970da4b14b4afae140bf681b253721299c6240f41c3a96d5e
f739a5513582c76478bb5236a33298c4b823568030c298752408bbcf0f7bf98a
f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8b34626df06b7e8b2d19b296f48b78a070629defef7c480d4612c941aa1aaf7
f9229c7c9e31404fedfdd12442770d5711dcc3aad9bb80d3a3740af703bf751b
fa3b29cc8ede1d0564bb91310a0158a7bdc5cb0c422a19a0bc4ec969e28ec0ac
fa7c60fca96e114cf9162a26c0eef728783f2dbff06d2b86773535af90de3f8b
fb4f40816efe587f63b97cb25866178f65718b214a333f4f20a1b4b066994445
fbb6b936b2c85c019776a06b312e96cb5b11ac07d89250eb1300ad2235564126
fc6f08418c27602e052ae96e15c9ad16a0edad8364805dac7f8a7ed3db50558f
fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd
feae690a5c73d87b92b082e21f1c24672ec8fbc0eb637dee7afd73ff4f26139c

www.gazetadopovo.com.br Open in urlscan Pro 2600:9000:211a:a200:6:45ad:3580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

546 Requests

98 %HTTPS

57 %IPv6

59 Domains

103 Subdomains

88 IPs

9 Countries

7354 kBTransfer

17034 kBSize

17 Cookies

83 Outgoing links

Page URL History

Redirected requests

546 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:211a:a200:6:45ad:3580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

546
Requests

98 %
HTTPS

57 %
IPv6

59
Domains

103
Subdomains

88
IPs

9
Countries

7354 kB
Transfer

17034 kB
Size

17
Cookies

546 HTTP transactions
4 data transactions