estacaonoticia.com.br
172.67.174.120  Malicious Activity! Public Scan

URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Submission: On June 27 via manual from US — Scanned from DE

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 59 HTTP transactions. The main IP is 172.67.174.120, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is estacaonoticia.com.br.
TLS certificate: Issued by GTS CA 1P5 on May 11th 2024. Valid for: 3 months.
This is the only time estacaonoticia.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
15 | estacaonoticia.com.br | estacaonoticia.com.br | 918 KB
14 | tiktok.com | analytics.tiktok.com (Cisco Umbrella Rank: 787) | 152 KB
5 | google.com | fundingchoicesmessages.google.com (Cisco Umbrella Rank: 744); region1.analytics.google.com (Cisco Umbrella Rank: 3125) | 129 KB
4 | gstatic.com | fonts.gstatic.com | 209 KB
3 | doubleclick.net | securepubads.g.doubleclick.net (Cisco Umbrella Rank: 235); stats.g.doubleclick.net (Cisco Umbrella Rank: 136) | 176 KB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 114) | 3 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 204) | 72 KB
2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 894); script.hotjar.com (Cisco Umbrella Rank: 1260) | 60 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 81) | 206 KB
2 | pushalert.co | cdn.pushalert.co (Cisco Umbrella Rank: 50326); estacaonoticia525.pushalert.co | 50 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 83) | 7 KB
1 | google.de | www.google.de (Cisco Umbrella Rank: 8088) | 63 B
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2355) |
1 | googleusercontent.com | lh3.googleusercontent.com (Cisco Umbrella Rank: 112) | 5 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 381) | 18 KB
1 | publinker.com | js.publinker.com (Cisco Umbrella Rank: 812632); ivt.publinker.com (Failed) | 21 KB
Totals: 59 | 16

Count | Domain | Requested by
15 | estacaonoticia.com.br | 1 redirects; estacaonoticia.com.br
14 | analytics.tiktok.com | estacaonoticia.com.br; analytics.tiktok.com
4 | fundingchoicesmessages.google.com | securepubads.g.doubleclick.net; analytics.tiktok.com
4 | fonts.gstatic.com | fonts.googleapis.com; estacaonoticia.com.br
2 | www.facebook.com | estacaonoticia.com.br
2 | connect.facebook.net | www.googletagmanager.com; connect.facebook.net
2 | www.googletagmanager.com | estacaonoticia.com.br; www.googletagmanager.com
2 | fonts.googleapis.com | estacaonoticia.com.br
2 | securepubads.g.doubleclick.net | estacaonoticia.com.br; securepubads.g.doubleclick.net
1 | estacaonoticia525.pushalert.co | analytics.tiktok.com
1 | www.google.de | estacaonoticia.com.br
1 | stats.g.doubleclick.net | www.googletagmanager.com
1 | region1.google-analytics.com | estacaonoticia.com.br
1 | region1.analytics.google.com | 1 redirects
1 | lh3.googleusercontent.com | estacaonoticia.com.br
1 | cdn.jsdelivr.net | estacaonoticia.com.br
1 | script.hotjar.com | static.hotjar.com
1 | static.hotjar.com | estacaonoticia.com.br
1 | cdn.pushalert.co | estacaonoticia.com.br
1 | js.publinker.com | estacaonoticia.com.br
0 | ivt.publinker.com (Failed) | js.publinker.com
Totals: 59 | 21

This site contains no links.

Subject | Issuer | Validity | Valid
estacaonoticia.com.br | GTS CA 1P5 | 2024-05-11 - 2024-08-09 | 3 months
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months
js.publinker.com | Amazon RSA 2048 M03 | 2024-04-28 - 2025-05-27 | a year
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.pushalert.co | Sectigo RSA Organization Validation Secure Server CA | 2024-05-08 - 2025-05-08 | a year
*.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
*.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-06 - 2024-07-05 | 3 months
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year
*.googleusercontent.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.google.de | WR2 | 2024-06-13 - 2024-09-05 | 3 months

This page contains 1 frame:

Primary Page: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Frame ID: 7C498388A90C55610FB0526CA1F477CE
Requests: 59 HTTP requests in this frame

Page Title

Tarjeta ICBC Start Visa - Estação Notícia

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 59
HTTPS: 93 %
IPv6: 60 %
Domains: 16
Subdomains: 21
IPs: 21
Countries: 3
Transfer: 2023 kB
Size: 5678 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart Page URL
  2. https://estacaonoticia.com.br/cdn-cgi/phish-bypass?atok=XB_Lhvg0T_FIICUbd0ptRKUcBL7r_BJ_XCdvLWbrTm0-1719518969-0.0.1.1-%2Far%2Ftarjeta-icbc-start-visa%2F%3Futm_source%3Demail-ar%26utm_medium%3Demail%26utm_campaign%3Dicbcstart HTTP 301
    https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-W0GR6DDMBY&gtm=45je46q0v874644835z8830989289za200zb830989289&_p=1719518975729&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=410895690.1719518976&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719518976&sct=1&seg=0&dl=https%3A%2F%2Festacaonoticia.com.br%2Far%2Ftarjeta-icbc-start-visa%2F%3Futm_source%3Demail-ar%26utm_medium%3Demail%26utm_campaign%3Dicbcstart&dr=https%3A%2F%2Festacaonoticia.com.br%2Far%2Ftarjeta-icbc-start-visa%2F%3Futm_source%3Demail-ar%26utm_medium%3Demail%26utm_campaign%3Dicbcstart&dt=Tarjeta%20ICBC%20Start%20Visa%20-%20Esta%C3%A7%C3%A3o%20Not%C3%ADcia&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=1934&_z=fetch HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=410895690.1719518976&dbk=3953449759556238784&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v874644835z8830989289za200zb830989289&npa=1&tid=G-W0GR6DDMBY&dl=https%3A%2F%2Festacaonoticia.com.br%3F

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/
4 KB
2 KB
Document
General
Full URL
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600ab6a21d792d4bbd50303a88363ebcbfb23c9f50ed6a0e7f4e62bc91d08836
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-ray
89a81336acc18f30-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 20:09:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BJefa4LwtTL22cGHFkB33FpO5vVn%2Bp1mjN1SI2zaNBPLUbC%2FM4hDc0tSRMC0EUFpMXBtha1fIpX5krlj0wPBIgxwF7Dshr1buEUQ7rEdY243Bvc7seDCr17t0u5%2FQEDmnbgHgIVdtc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
estacaonoticia.com.br/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://estacaonoticia.com.br/cdn-cgi/styles/cf.errors.css
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Jun 2024 13:42:47 GMT
server
cloudflare
etag
W/"667c1ad7-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
89a81336dd1b8f30-FRA
expires
Thu, 27 Jun 2024 22:09:29 GMT
icon-exclamation.png
estacaonoticia.com.br/cdn-cgi/images/
452 B
634 B
Image
General
Full URL
https://estacaonoticia.com.br/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/cdn-cgi/styles/cf.errors.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 26 Jun 2024 13:42:47 GMT
server
cloudflare
etag
"667c1ad7-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
89a81336fd528f30-FRA
content-length
452
expires
Thu, 27 Jun 2024 22:09:29 GMT
favicon.ico
estacaonoticia.com.br/
15 KB
5 KB
Other
General
Full URL
https://estacaonoticia.com.br/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5a2df77453bc851810616b319295188b2a8e0fec27cbb32aff099b5668259e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 26 Feb 2024 17:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65dcd065-3c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k7hjtgbh5ZXcOp0gKfKmauL7sTfvwGRM%2FJSfBbLgg4ER0juvWazAvGFqEWgST6V9cSctsaDwzCBS0CSx4lNYz%2Bf883kL1qi3EA4HvlULLVBOXEN6OXcSI9GEimSRBjHELOATYN%2B7Dqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
89a813370d828f30-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request /
estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/
Redirect Chain
  • https://estacaonoticia.com.br/cdn-cgi/phish-bypass?atok=XB_Lhvg0T_FIICUbd0ptRKUcBL7r_BJ_XCdvLWbrTm0-1719518969-0.0.1.1-%2Far%2Ftarjeta-icbc-start-visa%2F%3Futm_source%3Demail-ar%26utm_medium%3Demai...
  • https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
881 KB
604 KB
Document
General
Full URL
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
d4968f20ee5ca21cc2723e1fc843a6e7742ed2e6dccc5b5058a5d27a0974d00e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=16070400
cf-cache-status
MISS
cf-ray
89a813572f628f30-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 20:09:35 GMT
last-modified
Thu, 27 Jun 2024 20:09:35 GMT
link
<https://estacaonoticia.com.br/wp-json/>; rel="https://api.w.org/" <https://estacaonoticia.com.br/wp-json/wp/v2/posts/30771>; rel="alternate"; type="application/json" <https://estacaonoticia.com.br/?p=30771>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTGmM2ZXKB9B15yU8aeECsu7fG%2BU2Evc3hlObYqm081Vt0%2B5D1gqNPt2fULn9RqvTRXdmw4KMnszWzySgOjJAwkEaclC%2BE5NfQn1TksksBT42fnQfhnyV58wI1oPH1NPJEiIJZAaXlI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
MISS
x-powered-by
PHP/7.4.33

Redirect headers

cache-control
private, no-cache
cf-ray
89a813565e138f30-FRA
content-length
167
content-type
text/html
date
Thu, 27 Jun 2024 20:09:34 GMT
location
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
5c69814ef8588cde3be0f0a5fbcba7bb1833d20916f807eb2e9c833c37007706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31379
x-xss-protection
0
server
cafe
etag
159 / 19901 / 31084895 / config-hash: 6951803660126724634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 27 Jun 2024 20:09:35 GMT
wrapper.v2.estacaonoticia.com.br.js
js.publinker.com/
72 KB
21 KB
Script
General
Full URL
https://js.publinker.com/wrapper.v2.estacaonoticia.com.br.js
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-58.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42f75e0737380cfd3764a03755579e1f5b527e29df5d843c53ba43667baeb19a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9O3r42Rkqkq2gJhyqXx5UJvX2X_v94kf
content-encoding
br
via
1.1 ac9a9db2e57fbe7ebe7ee8fc2d557856.cloudfront.net (CloudFront)
date
Thu, 27 Jun 2024 20:09:36 GMT
x-amz-cf-pop
MXP64-C3
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jun 2024 15:31:24 GMT
server
AmazonS3
etag
W/"e49bbf57355d3385129abe9a3246ae4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=360
x-amz-cf-id
UKGJYTjL6JeUVKrCMYg4vIyZKot4utCuCWf6wo7NkkqjeumBiuOyAg==
expires
Thu, 27 Jun 2024 15:36:23 GMT
style.min.css
estacaonoticia.com.br/wp-includes/css/dist/block-library/
111 KB
16 KB
Stylesheet
General
Full URL
https://estacaonoticia.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:35 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 24 Apr 2024 13:17:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6629067d-1bae5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNmr%2BacHN5Ql3ortXIlpjNHGVXrSYZ6l9n%2B4m0t8R%2FijxWBt8gHJY9dTN0D0z%2Fpf9T1cE7wsoiRzNEIkEhPWEqZ5MhFcZJ8nuYZh2bqZHnIQnd25GD0U5nr2HQ6VfBaumwWVnwQu6Hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
89a8135b3f728f30-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
3 KB
968 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A600%7CQuicksand%3A400%2C600&subset=latin%2Clatin-ext&display=swap&ver=1.8.6
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73e361ea3012eb7d6a1877239abc9bdfe6b8907d899242572916f2b625e50cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jun 2024 20:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 20:09:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jun 2024 20:09:35 GMT
style-shared.min.css
estacaonoticia.com.br/wp-content/themes/go/dist/css/
150 KB
22 KB
Stylesheet
General
Full URL
https://estacaonoticia.com.br/wp-content/themes/go/dist/css/style-shared.min.css?ver=1.8.6
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dac810ef6830c9945fa01a45b9c93dc13f0ddeeb587fb30a6a0dd47d4d7ec0d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:35 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Oct 2023 16:06:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65369a18-25892"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMEzBhoifMkgNBRUXxsS9iGVOMFA6yjGH90djqawxZmYlpsBI0sU6wHPfZm5UQ7GbVnjMtvGnyBbFmmm0gbXixs1ZT9jEuNUj63DbVZ0lWYxgXXNjPQzFfXOypJ1wdvhKWhCgdXvKB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
89a8135b3f758f30-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-playful.min.css
estacaonoticia.com.br/wp-content/themes/go/dist/css/design-styles/
5 KB
2 KB
Stylesheet
General
Full URL
https://estacaonoticia.com.br/wp-content/themes/go/dist/css/design-styles/style-playful.min.css?ver=1.8.6
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1e22a018a6a2b54ddfc4837ed6d0b1b5321fb3f75251bc936fd0dfbde9d65f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:35 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Oct 2023 16:06:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65369a18-12bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6P%2BCgUlIrI0vQzOSUoOyJCtDXEoj69UweO93EWMFgbTM%2Bjm14m4X5Hs5itjFpgm2YjVS7dPEN6hTVNn7y07sM9nrj%2BRNgfNYcCZQITTvh3w1bjEwa9aq1crOxt6g25kUBaiqhkdFVQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
89a8135b3f788f30-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Logo_branca_PNG.png
estacaonoticia.com.br/wp-content/uploads/2023/12/
834 B
1 KB
Image
General
Full URL
https://estacaonoticia.com.br/wp-content/uploads/2023/12/Logo_branca_PNG.png
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ee1b4b5550f40686c6165c1cdc965a49af962a9ca31bfc47559ebe87b6cfb4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:35 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Dec 2023 13:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65770e8e-342"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVSsDcAi%2BWRNBfDMsphmNNQKvJ%2BezpvqgqZi%2FtZG4bMt%2Fc7qAyUqfKtp3hZ%2FtHZ20nueBtopwwU%2BEunOiHvF5oyNKqYhDjbgtyQaIrTKW62JFSf4iFAWeuXSyIrRCRrBTAF2YEysrb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89a8135d2b288f30-FRA
alt-svc
h3=":443"; ma=86400
content-length
834
expires
Thu, 31 Dec 2037 23:55:55 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406260101/
466 KB
145 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406260101/pubads_impl.js?cb=31084895
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
53ce8d479a67efd36af35fc877af39a364e2c3bccd893a86b177ee000a8fd26b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
36490
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148623
x-xss-protection
0
server
cafe
etag
11338773816559034756
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 27 Jun 2025 10:01:25 GMT
checker
ivt.publinker.com/
0
0

checker
ivt.publinker.com/
0
0

integrate_d13bbb2ab0f66d5ad464781f7c165ba0.js
cdn.pushalert.co/
249 KB
50 KB
Script
General
Full URL
https://cdn.pushalert.co/integrate_d13bbb2ab0f66d5ad464781f7c165ba0.js
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
f56990a8c29c0ee7179cd3e2eacd7bbd27575c514b373c7da83e3a34e37ba2aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self';
content-encoding
br
cdn-edgestorageid
1079
cdn-cachedat
06/24/2024 13:10:35
cdn-pullzone
1594972
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jun 2024 11:28:19 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cdn-cache
HIT
cdn-uid
1668653e-62f3-41a8-943a-09aa7358583c
cache-control
public, max-age=8640000
cdn-requestid
2add3e8f74a3a687ef558d1cf5836fab
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/
298 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-563FF8P
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
813a60694aaa905bd1408658c43e3bf416da3fd72e96f67568aa99298413f4ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103857
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 19:11:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 Jun 2024 20:09:35 GMT
hotjar-4968833.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-4968833.js?sv=6
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
d7cb24d4f7e4a6c002ca3e4c8e62a2c4aa1b899cf69ba5dcd31795ddcab7aa4a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 27 Jun 2024 20:09:35 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/96511dc5eb839bad5f5316626fb0fc42
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cYL8vxoZfa3H2tkAWZHRppBm6zpeFocnI-J9Il9HLydUxOoPHLRfmQ==
80a48198-35a2-4589-82a2-b2c81aadd4ad
https://estacaonoticia.com.br/
1 KB
0
Other
General
Full URL
blob:https://estacaonoticia.com.br/80a48198-35a2-4589-82a2-b2c81aadd4ad
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/
27 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A600%7CQuicksand%3A400%2C600&subset=latin%2Clatin-ext&display=swap&ver=1.8.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://estacaonoticia.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 10:20:13 GMT
x-content-type-options
nosniff
age
35362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 10:20:13 GMT
modules.de6b9e294c29aa146ba1.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.de6b9e294c29aa146ba1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-4968833.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
743c4b93ab02f0ece15aa8bdb1f7b5d57e1753fe5ef6d320612ee0888e1196c6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
294028
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56329
last-modified
Mon, 24 Jun 2024 10:28:38 GMT
etag
"008a76cf1200a93494425164a6546e72"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
N_aLx0cxUh1OVTpFFGWtDTOYhPZF2GwgJ2TBxitZBXPq-uRuNkJqwQ==
remixicon.css
cdn.jsdelivr.net/npm/remixicon@4.2.0/fonts/
136 KB
18 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/remixicon@4.2.0/fonts/remixicon.css
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b1dafcb272070e56756f7c37fed81556b6d14d85cd4cc425e073e58d4a58328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Jun 2024 20:09:35 GMT
x-content-type-options
nosniff
content-encoding
br
age
1181058
x-jsd-version
4.2.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17762
x-served-by
cache-fra-eddf8230023-FRA
x-jsd-version-type
version
etag
W/"21e09-juuWLXK6d3Qw+zL0Lrds0Tw1fN8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
post-image-ICBC-START-1.png
estacaonoticia.com.br/wp-content/uploads/2023/12/
140 KB
141 KB
Image
General
Full URL
https://estacaonoticia.com.br/wp-content/uploads/2023/12/post-image-ICBC-START-1.png
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf0f83184a4eadd926dfcf7b5b5e44e590a830e9b18e0e5cd75c89a4007eedf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Apr 2024 20:52:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"660dc185-2311f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56ZXbd5IUbNSCGPu49qJ%2F955zv0jbzAd3mUuYPRUaPM7rfXtmy%2Bbmb%2FC%2Bx3fOXObIu6LyqPoeAxPx%2FuqKKdcgfzDeh4nVDJ%2ByM%2Br2XF2TH6egoiG%2BbrEvXUJpiOTvwCtFZEnijTMiXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89a8135efea78f30-FRA
alt-svc
h3=":443"; ma=86400
content-length
143647
expires
Thu, 31 Dec 2037 23:55:55 GMT
card-AR-ICBC.png
estacaonoticia.com.br/wp-content/uploads/2024/03/
109 KB
110 KB
Image
General
Full URL
https://estacaonoticia.com.br/wp-content/uploads/2024/03/card-AR-ICBC.png
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d67526234c9f0fda5445462249a79f38af2c7dd7c03c85b96317c94126e2ee

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
cf-cache-status
MISS
last-modified
Thu, 28 Mar 2024 19:01:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6605be75-1b54c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3piMP3QCAyRAfDvm0xi0PpYLExC%2Bj0jq9E3SraZD3rerNeGf0hbS3D5lUd%2Fmvk2Cu1bEy89pnJOCGLtQAJTkbfTMZj1C3pllfJBlvuKfQmO67WS5H5mO4TGbto0ecKedIwEHTnpEvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89a8135efead8f30-FRA
alt-svc
h3=":443"; ma=86400
content-length
111948
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
estacaonoticia.com.br/wp-content/themes/go/dist/js/
9 KB
3 KB
Script
General
Full URL
https://estacaonoticia.com.br/wp-content/themes/go/dist/js/frontend.min.js?ver=1.8.6
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306244949e62140da69f30045493d14a19e6967db8797cd5de5b7688637d1f47

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Oct 2023 16:06:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65369a18-22c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHp7oG3tAbO8gHD2aCqzbK8k2UYs8ahSfu0WOeT4Pr%2FJ%2FAUrI6wvJ1lloAY%2BDM1YAZWwadL6a%2BqS1wDzoySedwkQxPP2y%2FxyXuibnHvpM91JgED5Im0hWqE9pxUYMYMAiislipS0ULE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
89a8135efeb48f30-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A600%7CQuicksand%3A400%2C600&subset=latin%2Clatin-ext&display=swap&ver=1.8.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://estacaonoticia.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 14:48:44 GMT
x-content-type-options
nosniff
age
192051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 14:48:44 GMT
21904202593
fundingchoicesmessages.google.com/i/
197 KB
66 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/21904202593?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406260101/pubads_impl.js?cb=31084895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9e9693f5bdf9a7612480572a6420bf7e8a51603bc2369a7ec002c0bf7b8aed1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jZzMJL8rNmXE1Agr-CI_rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jZzMJL8rNmXE1Agr-CI_rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLmaOj7vplNoGHvQi4ljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjEwMzIzM9A5P4AgMAnHE41w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
316 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W0GR6DDMBY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-563FF8P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f59857fede86f0703d2d63796ec75763034e2b97a33c26d172630664aee08f7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106130
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 27 Jun 2024 20:09:36 GMT
fbevents.js
connect.facebook.net/en_US/
221 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-563FF8P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 27 Jun 2024 20:09:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58251
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
/GXjca8BJsfxVHBcqHcK3rdW5LR4CDcGu7AlbRAwIpGcBOKi5UBgqbtD+OgIUcAqeevPnd0dJY9epdlgeLDy8g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTCHUJC77U1C0R4RD2G&lib=ttq
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c55e09f18d40437e353a6e28bf92f3fdaa71b29f6cff18622c6ff57ca454209b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
86a09b5.27994b47
date
Thu, 27 Jun 2024 20:09:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406272009367B8E9371454DF68A43D1-6987868F63526D1D-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
94,23.51.23.82
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=4
content-length
2096
pragma
no-cache
server
nginx
x-tt-logid
202406272009367B8E9371454DF68A43D1
x-cache-remote
TCP_MISS from a104-78-78-79.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,104.78.78.79
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8710b84c0b3fe3d829746fe7edbf06daf663d5df93d840b996c00e62309d1c6e81f2a74e106772cf2ef5b032e144d8c77a05050da0f502082e66d5fd6c619eae4d6461785e505000ffb976af7eeaeb16ab9f11f880dfd107ca6fa578781881a4b
expires
Thu, 27 Jun 2024 20:09:36 GMT
641886521215784
connect.facebook.net/signals/config/
57 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/641886521215784?v=2.9.159&r=stable&domain=estacaonoticia.com.br&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e7b8db475b47d307c64edef4f2646cd41f02e21981242a2be984cdd6afac2d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 27 Jun 2024 20:09:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=62, mss=1368, tbw=63763, tp=-1, tpl=-1, uplat=314, ullat=0
pragma
public
x-fb-debug
wOdx9yV7fT4QnVB7dbB1rlWM8j5+UR4AdBUVvEYDBf82kK71S68RPBYcq/VCQo8vRF8WEHAwqgoUv6VnCbrGKw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
AGSKWxUGpb2ryr0eIvzinmzKl05arcQhRyw1ncpmlE38MrJzC0w3OMAuv9ZBqhg3CAw3yI0oAGKkFgzNy5WhKnEsduICJefykHYhst_Jq1Y-hK3TL3DkK_GdFPCFoQ9Zxa5nzp-3sCXg8g==
fundingchoicesmessages.google.com/f/
413 KB
63 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUGpb2ryr0eIvzinmzKl05arcQhRyw1ncpmlE38MrJzC0w3OMAuv9ZBqhg3CAw3yI0oAGKkFgzNy5WhKnEsduICJefykHYhst_Jq1Y-hK3TL3DkK_GdFPCFoQ9Zxa5nzp-3sCXg8g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5NTE4OTc2LDE2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lc3RhY2Fvbm90aWNpYS5jb20uYnIvYXIvdGFyamV0YS1pY2JjLXN0YXJ0LXZpc2EvIixudWxsLFtbOCwiVEd2RGpqb1NWbE0iXSxbOSwiZGUiXSxbMjIsImZhbHNlIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.TGvDjjoSVlM.es5.O/am=GAY/d=1/rs=AJlcJMwyChwsYlqmhNHAo7OwhKPhyFidVQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb0abe833f953b98fe53867daa43c7656f51320ac0ac68a445039295d50d0be6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kwj92a3Zn7_2SiL2aADD8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-Kwj92a3Zn7_2SiL2aADD8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw15BiOHHrNtMFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJV5kPfj4IutJIBbi5mjo-76ZTWDB5rn1ShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGZkZmegYm8QUGAFnLPm4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
estacaonoticia.com.br/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://estacaonoticia.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 24 Apr 2024 13:17:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6629067d-4926"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MGYLIBSL129y4i0iM%2BdV2Sxdo0W0p7aBYm9O%2B8xs3oIzgVzvTJ6EE%2BgX7WtE2DrdZ3qbn%2FSKhQ%2FmeIsfmw%2B%2FjKS3bIaJJyadn5MPWcoD0QIo1ylFFqHWHs8945AnlmWvsB81yUftoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
89a813612b0e8f30-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
611 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15bb45a76a5dba6fbc8f352ef5154d55cd508655e9bd3cd6c6d642b9a3c56255

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
main.MTZkNWZlYWU4NQ.js
analytics.tiktok.com/i18n/pixel/static/
352 KB
101 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPTCHUJC77U1C0R4RD2G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
188f2d616625fc872ddce97743e52df08199aa22da7971712bb7ff570e61bdbf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
27994c6c
date
Thu, 27 Jun 2024 20:09:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240627153455E109D5BECA3C295AB901
x-tt-trace-id
00-240627153455E109D5BECA3C295AB901-6894CB656DD2977D-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0147f6d609df0db7f6233b8bbbbec1dd3daa3fc4833cc39054dd732eb88b878d9b719c7daf827cacf0aca62016b591a58685e6779d261abaeebe35d19ef487daeab3f0e8c1b46e16f9579f9441368a1fac22430395ede806501271eea07e92f9ab
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
102687
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
40 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
27994cd7
date
Thu, 27 Jun 2024 20:09:36 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400000ED8D85B2593863F7B9E
x-tt-trace-id
00-2405211400000ED8D85B2593863F7B9E-35627ECC8BDAE6EF-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01ccb90ac94d192b5fd8226e8c369cf711cbfad6a36cc8e381f86823362faef40f607e18da6e4ce45d44370858b669c20272bc0056b26167dd6df11c1445703d34004aa9514ce24005f7f776df0d572f250216272e426f770c6f3e089057cae5ed
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39883
monitor
analytics.tiktok.com/api/v2/
0
835 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1fc07e13.27994ce1
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24062720093652AF0239B469A6725117-342027D72138ABF6-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
107,23.51.23.82
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=13, inner; dur=10
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024062720093652AF0239B469A6725117
x-cache-remote
TCP_MISS from a23-218-222-4.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,23.218.222.4
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8ebd312179e0bd5133ff3180f5b5079e801c01362c0e305df149f714ed5a8fa45df7e1f55ce91689e035137d3a2f08d89edc9241411b4161b29b21192013036bee2ea275ea250b84b142e5b17e1cf71a0b53e4e791b05d894207bb0653c9ccc52
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
monitor
analytics.tiktok.com/api/v2/
0
699 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
27994ce5
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240627200936A89F7D02E57BE27B23F5-044B6B4A595D8D96-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=12, cdn-cache; desc=MISS, edge; dur=4, origin; dur=124
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240627200936A89F7D02E57BE27B23F5
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
124,23.51.23.82
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8710b84c0b3fe3d829746fe7edbf06daf80020ac85c45a592e42138b345a9abbc99ce17b56c21546440907c04b2b444060bd764dbc7f77f5d366902945c1122ec5380726acf30c3d01345ecc2fe2c3086
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
monitor
analytics.tiktok.com/api/v2/
0
842 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
94ddb73.27994ce6
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406272009364F70594CC8F2D26CB52B-75BEB57B5CEDCB6D-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
451,23.51.23.82
server-timing
cdn-cache; desc=MISS, edge; dur=346, origin; dur=108, inner; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406272009364F70594CC8F2D26CB52B
x-cache-remote
TCP_MISS from a23-222-16-85.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
109,23.222.16.85
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8ebd312179e0bd5133ff3180f5b5079e8e1e5ebce38ff5902bf15c8e1d71f0bf71f73e51b78332909b57c8b0271c6258969f97d635b1de5b42f634125bfb436a52fca44ba17ae57d65d47c1c42d1a33a62084fe18f82bba00e5b2fe54cc410a68
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
monitor
analytics.tiktok.com/api/v2/
0
700 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
27994ce7
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240627200936D7CC1ED697418B6DDAD6-2D3C5B6535834206-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=12, cdn-cache; desc=MISS, edge; dur=3, origin; dur=123
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240627200936D7CC1ED697418B6DDAD6
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
123,23.51.23.82
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8710b84c0b3fe3d829746fe7edbf06daf5a82b8ee3108f39a19da93fb4695e2c6f10930c4bdaf7d3fae7645d88ab66b3ea47a7d6e2ec0e505b5e09829544958acaeb372078361acd309c9a2c616efc505
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
monitor
analytics.tiktok.com/api/v2/
0
700 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
27994ce8
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240627200936FA7655D8686EEE7B4328-321445798BBB4CA1-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=17, cdn-cache; desc=MISS, edge; dur=6, origin; dur=133
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240627200936FA7655D8686EEE7B4328
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
134,23.51.23.82
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8710b84c0b3fe3d829746fe7edbf06dafbd46969f6ca155cab40b4bd423e7215b0bc84fb680e6828abc109f278c6987da184a7335bd228709ef1100f6aac829daa6f04706c3cbf8f3301e6c70609921ed
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
monitor
analytics.tiktok.com/api/v2/
0
839 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1fc07da8.27994cf3
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240627200936E5AF45AD98C71B714247-0FC6F1D53823291C-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
106,23.51.23.82
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=18, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240627200936E5AF45AD98C71B714247
x-cache-remote
TCP_MISS from a23-218-222-4.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
18,23.218.222.4
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8ebd312179e0bd5133ff3180f5b5079e801c01362c0e305df149f714ed5a8fa45b73b62c7675aa1001d877ed35c65e8f03a62e56c55f0f4aaca35e8342acf5113f93b681b95f170707f7758db7f78265d10ab6b0eec076fab441976bad65c3f90
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
monitor
analytics.tiktok.com/api/v2/
0
698 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
27994cf4
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240627200936F137161343532C88E163-1620A94B2ECBEFA2-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=16, cdn-cache; desc=MISS, edge; dur=5, origin; dur=128
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240627200936F137161343532C88E163
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
129,23.51.23.82
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8710b84c0b3fe3d829746fe7edbf06dafdc2a97390009c20fe992ca7b8884923d308ba3bd98c2122b1a0ba64af210d1faa8048b4e17208fac4cd9952c5d64c2659602ffb8ac8d904c87e29b01dc35218f
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
pixel
analytics.tiktok.com/api/v2/
0
841 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
94ddb1b.27994cfa
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406272009360F479FA46B889F6D12BB-6769BD2474BFB512-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
267,23.51.23.82
server-timing
cdn-cache; desc=MISS, edge; dur=168, origin; dur=104, inner; dur=29
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406272009360F479FA46B889F6D12BB
x-cache-remote
TCP_MISS from a23-222-16-85.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
104,23.222.16.85
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8ebd312179e0bd5133ff3180f5b5079e8e1e5ebce38ff5902bf15c8e1d71f0bf722d99ce68049a2497a7472e27d75dc5f0dfa4e66e95f6dc03ddb496d57e7af00153e05c62d0c66258cb03dfe25568a74c76fecf7880d7cb296253b930908b8b6
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
monitor
analytics.tiktok.com/api/v2/
0
839 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
627c41ab.27994d06
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240627200936834F65F0CFAEA5673888-1BAD719029324C26-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
102,23.51.23.82
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=15, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240627200936834F65F0CFAEA5673888
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
15,23.220.104.8
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8ebd312179e0bd5133ff3180f5b5079e86fac97311bb6c9db646546cf7926f4c2eadea5cf748e575ae76fb3769812c84c397b38e1b70ff5ab184ca1a2f21450e1b9a41e3c73c32e509f4c77d43899e90abdf0f38d79ed7cf9e5ccbbd6e09fc240
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
css
fonts.googleapis.com/
109 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.TGvDjjoSVlM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzsVI6ScMkBhqYHmrq897bz3VTQSg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 27 Jun 2024 20:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 27 Jun 2024 20:09:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 Jun 2024 20:09:36 GMT
jYiunHkkH2HON9BJbW21MGYODnw9t2IHtRrqVsTEgI104dyK4YDAnx52M6gAddVfsBL4oXeagSA8ZgPYDRtNvNQwX0zyWpTyCgTxjQJJy12BH58605yNzQ=h60
lh3.googleusercontent.com/
5 KB
5 KB
Image
General
Full URL
https://lh3.googleusercontent.com/jYiunHkkH2HON9BJbW21MGYODnw9t2IHtRrqVsTEgI104dyK4YDAnx52M6gAddVfsBL4oXeagSA8ZgPYDRtNvNQwX0zyWpTyCgTxjQJJy12BH58605yNzQ=h60
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5fb98416d29d05a318e24360bf9f629da747fcd7a9b0b03711da585e74d0564b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4665
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 28 Jun 2024 20:09:36 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Origin
https://estacaonoticia.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 15:16:21 GMT
x-content-type-options
nosniff
age
190395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 15:16:21 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Origin
https://estacaonoticia.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:40:54 GMT
x-content-type-options
nosniff
age
5322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:40:54 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-W0GR6DDMBY&gtm=45je46q0v874644835z8830989289za200zb830989289&_p=1719518975729&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&ta...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=410895690.1719518976&dbk=3953449759556238784&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v874644835z8830989289za2...
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=410895690.1719518976&dbk=3953449759556238784&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v874644835z8830989289za200zb830989289&npa=1&tid=G-W0GR6DDMBY&dl=https%3A%2F%2Festacaonoticia.com.br%3F
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://estacaonoticia.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0xec66faf4fa5b883","source_keys":["1"]},{"key_piece":"0xe17f887eb616d5eb","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"3953449759556238784","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["10798217586","623106772"],"5":["06-27","06-26","06-25"]}}
date
Thu, 27 Jun 2024 20:09:36 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Jun 2024 20:09:36 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=410895690.1719518976&dbk=3953449759556238784&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v874644835z8830989289za200zb830989289&npa=1&tid=G-W0GR6DDMBY&dl=https%3A%2F%2Festacaonoticia.com.br%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
508
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
248 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W0GR6DDMBY&cid=410895690.1719518976&gtm=45je46q0v874644835z8830989289za200zb830989289&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W0GR6DDMBY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 20:09:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://estacaonoticia.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU-3TZZNA5TZx0vfQo1_VCUyZ-hkvs27pg1wdzZg1XxViK6GMC0JOdRItKvUt52NZvElZ2eGibSkQPTF_bN6eYqZJKuq7po_vxqlzU247QgSJQLGodzW9XuEXg6-hk21kXvOpyrhA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU-3TZZNA5TZx0vfQo1_VCUyZ-hkvs27pg1wdzZg1XxViK6GMC0JOdRItKvUt52NZvElZ2eGibSkQPTF_bN6eYqZJKuq7po_vxqlzU247QgSJQLGodzW9XuEXg6-hk21kXvOpyrhA==
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U5tFXdI1tDXZbFQkZGNZmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-U5tFXdI1tDXZbFQkZGNZmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw9HQ930zm8CLxgsPGJVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiYGZkZmegXl8gQEAYC8r_g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://estacaonoticia.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU-3TZZNA5TZx0vfQo1_VCUyZ-hkvs27pg1wdzZg1XxViK6GMC0JOdRItKvUt52NZvElZ2eGibSkQPTF_bN6eYqZJKuq7po_vxqlzU247QgSJQLGodzW9XuEXg6-hk21kXvOpyrhA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU-3TZZNA5TZx0vfQo1_VCUyZ-hkvs27pg1wdzZg1XxViK6GMC0JOdRItKvUt52NZvElZ2eGibSkQPTF_bN6eYqZJKuq7po_vxqlzU247QgSJQLGodzW9XuEXg6-hk21kXvOpyrhA==
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Mi1C18pDPQXg45dPZ9Cuyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 27 Jun 2024 20:09:36 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Mi1C18pDPQXg45dPZ9Cuyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw9HQ930zm8CDn1MfMSq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwMzIzM9A_P4AgMAboQsMQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://estacaonoticia.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W0GR6DDMBY&cid=410895690.1719518976&gtm=45je46q0v874644835z8830989289za200zb830989289&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1762511296
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 20:09:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=641886521215784&ev=PageView&dl=https%3A%2F%2Festacaonoticia.com.br&rl=https%3A%2F%2Festacaonoticia.com.br&if=false&ts=1719518976395&sw=1600&sh=1200&v=2.9.159&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.2.1719518976394.51769154035005732&pm=1&hrl=72532b&cdl=API_unavailable&it=1719518976033&coo=false&tm=1&cs_cc=1&rqm=GET
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2832, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 27 Jun 2024 20:09:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=641886521215784&ev=PageView&dl=https%3A%2F%2Festacaonoticia.com.br&rl=https%3A%2F%2Festacaonoticia.com.br&if=false&ts=1719518976395&sw=1600&sh=1200&v=2.9.159&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.2.1719518976394.51769154035005732&pm=1&hrl=72532b&cdl=API_unavailable&it=1719518976033&coo=false&tm=1&cs_cc=1&rqm=FGET
Requested by
Host: estacaonoticia.com.br
URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xacf0387ffa055143","source_keys":["1","2"]},{"key_piece":"0x60a48bda512cd9b6","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 27 Jun 2024 20:09:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385277767402692050", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=15, mss=1368, tbw=3149, tp=-1, tpl=-1, uplat=238, ullat=0
pragma
no-cache
x-fb-debug
Z+NFyREFmYD/u3vkbqyx656DbnC7ASrtQf1AWxMtnfmPvvHz7566AR7fPoE2ejwIyYDI0H6DdGDou7/yL9Cz+A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385277767402692050"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
monitor
analytics.tiktok.com/api/v2/
0
840 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/monitor
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
b8f189d.27994f04
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24062720093664B1193865689E721318-2A8B49FF2DCE50BF-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
107,23.51.23.82
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=16, inner; dur=12
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024062720093664B1193865689E721318
x-cache-remote
TCP_MISS from a23-222-16-31.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.222.16.31
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8ebd312179e0bd5133ff3180f5b5079e8b54237fd4c6bbe8dc32d68c72502f157b999081ff327f18fb7792dc7b064498b4cbfafee9fc2e988d326fa69a7e282da82ddec71e36d44463619fb9b666e067a718bf09a6efd979fb34ebca03fb8b720
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
act
analytics.tiktok.com/api/v2/pixel/
0
699 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
27994f05
date
Thu, 27 Jun 2024 20:09:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240627200936021EEA879610206D5CDE-5AE6FE0D2D5AF69A-00
x-cache
TCP_MISS from a23-51-23-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
server-timing
inner; dur=23, cdn-cache; desc=MISS, edge; dur=7, origin; dur=132
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240627200936021EEA879610206D5CDE
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
132,23.51.23.82
x-tt-trace-host
01509ecbe5eeb28ba05730fcb649ea70b8710b84c0b3fe3d829746fe7edbf06daf80020ac85c45a592e42138b345a9abbc875e805e4f71a26863c85467e42e190ea0a58ae465f7c3e1b2cb42753512a7932e271f972d8aca4d3d5455229e14aea5
access-control-allow-headers
Authorization,*
expires
Thu, 27 Jun 2024 20:09:36 GMT
favicon.ico
estacaonoticia.com.br/
15 KB
0
Other
General
Full URL
https://estacaonoticia.com.br/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5a2df77453bc851810616b319295188b2a8e0fec27cbb32aff099b5668259e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:09:29 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 26 Feb 2024 17:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65dcd065-3c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k7hjtgbh5ZXcOp0gKfKmauL7sTfvwGRM%2FJSfBbLgg4ER0juvWazAvGFqEWgST6V9cSctsaDwzCBS0CSx4lNYz%2Bf883kL1qi3EA4HvlULLVBOXEN6OXcSI9GEimSRBjHELOATYN%2B7Dqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
89a813370d828f30-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
1
estacaonoticia525.pushalert.co/optin/
15 B
203 B
Fetch
General
Full URL
https://estacaonoticia525.pushalert.co/optin/1
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4NQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://estacaonoticia.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 27 Jun 2024 20:09:37 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-cloud-trace-context
f3ab9cf17b570867e85331b065ac7ede
cache-control
private
content-length
41

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ivt.publinker.com
URL
https://ivt.publinker.com/checker?d=estacaonoticia.com.br&r=https%253A%252F%252Festacaonoticia.com.br%252Far%252Ftarjeta-icbc-start-visa%252F%253Futm_source%253Demail-ar%2526utm_medium%253Demail%2526utm_campaign%253Dicbcstart&type=display&sid=email-ar-estacaonoticia.com.br&c=email-ar-icbcstart-email-undefined-undefined&cust=email-icbcstart&cust2=undefined&cust3=undefined
Domain
ivt.publinker.com
URL
https://ivt.publinker.com/checker?d=estacaonoticia.com.br&r=https%253A%252F%252Festacaonoticia.com.br%252Far%252Ftarjeta-icbc-start-visa%252F%253Futm_source%253Demail-ar%2526utm_medium%253Demail%2526utm_campaign%253Dicbcstart&type=display&sid=email-ar-estacaonoticia.com.br&c=email-ar-icbcstart-email-undefined-undefined&cust=email-icbcstart&cust2=undefined&cust3=undefined

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
undefined| event
object| fence
object| sharedStorage
object| DDMPOptions
object| googletag
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
function| __defProp
function| __defNormalProp
function| __publicField
object| CookieConstants
object| FloorConstants
object| KvpConstants
object| PBLK
function| a0l5
function| a0v2
function| removerParametros
function| getURLParameters
object| _wpemojiSettings
object| dataLayer
function| hj
object| _hjSettings
object| brius_preloaders
function| inserirElemento
boolean| PAclassExists
object| PushAlertCo
object| pushalertbyiw
object| hjSiteSettings
function| hjBootstrap
object| hjLazyModules
object| hjBootstrapCalled
undefined| google_measure_js_timing
object| google_reactive_ads_global_state
object| goFrontend
object| google_tag_manager
function| fbq
function| _fbq
object| _fbq_gtm_ids
string| TiktokAnalyticsObject
object| ttq
object| default_ContributorServingResponseClientJs
object| _F_toggles
object| __googlefc
string| __fcInvoked
string| __fcexpdef
string| ZDk5NzcwMmZlOTEzNDU2OGxvYWRlcl9qcw==
string| ZDk5NzcwMmZlOTEzNDU2OGNhY2hlZF9qcw==
object| googlefc
object| __fcInternalApiManager
boolean| __fcInternalApiPostMessageReady
object| __tcfapiEventListeners
function| __tcfapi
object| __tcfapiManager
boolean| __tcfapiPostMessageReady
function| __uspapi
object| __uspapiManager
boolean| __uspapiPostMessageReady
object| __gppEventListeners
function| __gpp
object| __gppManager
boolean| __gppPostMessageReady
function| onYouTubeIframeAPIReady
object| TenUp
object| JSBridge
object| Native2JSBridge
object| ToutiaoJSBridge
function| TiktokJelly
object| _jelly_sdks
object| gaGlobal
object| twemoji
object| wp
string| checkBrowser
object| pa_head
boolean| isSubscribed

16 Cookies

Domain/Path Name / Value
.estacaonoticia.com.br/ Name: __cf_mw_byp
Value: XB_Lhvg0T_FIICUbd0ptRKUcBL7r_BJ_XCdvLWbrTm0-1719518969-0.0.1.1-/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
estacaonoticia.com.br/ Name: pblk_sid
Value: af5ee69e-820d-45d3-8818-0f898d6204ba
estacaonoticia.com.br/ Name: _bpre
Value: 1
estacaonoticia.com.br/ Name: publinker_utm_source
Value: email-ar
estacaonoticia.com.br/ Name: publinker_utm_campaign
Value: icbcstart
estacaonoticia.com.br/ Name: publinker_utm_medium
Value: email
.estacaonoticia.com.br/ Name: _gcl_au
Value: 1.1.384485475.1719518976
.estacaonoticia.com.br/ Name: _hjSessionUser_4968833
Value: eyJpZCI6IjllZDI1MDU3LTI3M2EtNTdiYy04NTQ4LWU4OTEzMjc3ZmU1ZiIsImNyZWF0ZWQiOjE3MTk1MTg5NzYyMTAsImV4aXN0aW5nIjpmYWxzZX0=
.estacaonoticia.com.br/ Name: _hjSession_4968833
Value: eyJpZCI6IjcyNTQ0M2QyLWIzNzYtNGFjOS1hYWQxLWFiZjYwNGYyMjAzYyIsImMiOjE3MTk1MTg5NzYyMTAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.tiktok.com/ Name: _ttp
Value: 2iTeQJnyPr77T4CK6DzX5nGWGrw
.estacaonoticia.com.br/ Name: _tt_enable_cookie
Value: 1
.estacaonoticia.com.br/ Name: _ttp
Value: Lqu-ypoTZtGLnlv78Xe_06PlG_f
.estacaonoticia.com.br/ Name: _ga_W0GR6DDMBY
Value: GS1.1.1719518976.1.0.1719518976.60.0.0
.estacaonoticia.com.br/ Name: _ga
Value: GA1.1.410895690.1719518976
.estacaonoticia.com.br/ Name: _fbp
Value: fb.2.1719518976394.51769154035005732
.region1.google-analytics.com/ Name: ar_debug
Value: 1

1 Console Messages

Source Level URL
Text
other error URL: https://estacaonoticia.com.br/ar/tarjeta-icbc-start-visa/?utm_source=email-ar&utm_medium=email&utm_campaign=icbcstart
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
