tribunapr-br.diariodoriogrande.com Open in urlscan Pro
2606:4700:3035::6815:1c85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tribunapr-br.diariodoriogrande.com/
Submission: On March 06 via api (March 6th 2024, 12:20:57 pm UTC) from US — Scanned from US

Summary HTTP 100 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 25 domains to perform 100 HTTP transactions. The main IP is 2606:4700:3035::6815:1c85, located in United States and belongs to CLOUDFLARENET, US. The main domain is tribunapr-br.diariodoriogrande.com.
TLS certificate: Issued by GTS CA 1P5 on January 7th 2024. Valid for: 3 months.

This is the only time tribunapr-br.diariodoriogrande.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3035::6815:1c85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
4	23.51.57.192 23.51.57.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	23.196.238.181 23.196.238.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	146.75.30.132 146.75.30.132	54113 (FASTLY) (FASTLY)
1	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
5 14	2a02:6b8::1:119 2a02:6b8::1:119	208398 (TELETECH) (TELETECH)
4	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
23	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
2	139.45.197.246 139.45.197.246	9002 (RETN-AS) (RETN-AS)
6	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3033::6815:bf5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:21ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
4	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	() ()
6	2606:4700:303... 2606:4700:3030::6815:5974	() ()
1	2607:f8b0:400... 2607:f8b0:4006:817::2001	() ()
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	() ()
100	26

12 2606:4700:3035::6815:1c85 (United States)

ASN13335 (CLOUDFLARENET, US)

tribunapr-br.diariodoriogrande.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.51.57.192 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-192.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.238.181 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-238-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Russian Federation) 5 redirects

ASN208398 (TELETECH, RS)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

aistekso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

petchoub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.246 (United Kingdom)

ASN9002 (RETN-AS, GB)

phamsacm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

cameesse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:bf5 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:21ac (United States)

ASN13335 (CLOUDFLARENET, US)

offerimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:5974 (None, )

ASN- ()

www.netdeal.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30771
12	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 8664	5 KB
12	diariodoriogrande.com tribunapr-br.diariodoriogrande.com	93 KB
6	netdeal.com.br www.netdeal.com.br	110 KB
6	cameesse.net cameesse.net — Cisco Umbrella Rank: 55069	148 KB
6	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2071 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4493 mv.outbrain.com — Cisco Umbrella Rank: 2715 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7477	89 KB
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 191526	158 KB
5	petchoub.com petchoub.com	17 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 20240	35 KB
4	aistekso.net aistekso.net — Cisco Umbrella Rank: 382652	37 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	279 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	164 KB
3	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11818	2 KB
2	facebook.net connect.facebook.net	69 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	321 B
2	phamsacm.net phamsacm.net	37 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4006	72 KB
1	facebook.com www.facebook.com	185 B
1	googlesyndication.com tpc.googlesyndication.com	10 KB
1	offerimage.com offerimage.com — Cisco Umbrella Rank: 35569	8 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 23613	504 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 25045	8 KB
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 11047	537 B
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
100	25

	Domain	Requested by
18	jouteetu.net	petchoub.com
12	mc.yandex.com	4 redirects tribunapr-br.diariodoriogrande.com mc.yandex.ru
12	tribunapr-br.diariodoriogrande.com	tribunapr-br.diariodoriogrande.com petchoub.com
6	www.netdeal.com.br	www.googletagmanager.com www.netdeal.com.br
6	cameesse.net	tribunapr-br.diariodoriogrande.com cameesse.net
5	interstitial-08.com	cameesse.net interstitial-08.com
5	petchoub.com	tribunapr-br.diariodoriogrande.com petchoub.com
4	littlecdn.com	interstitial-08.com
4	aistekso.net	tribunapr-br.diariodoriogrande.com aistekso.net
3	www.googletagmanager.com	tribunapr-br.diariodoriogrande.com www.googletagmanager.com
3	securepubads.g.doubleclick.net	tribunapr-br.diariodoriogrande.com securepubads.g.doubleclick.net
3	my.rtmark.net	petchoub.com phamsacm.net
3	widgets.outbrain.com	tribunapr-br.diariodoriogrande.com widgets.outbrain.com
2	connect.facebook.net	tribunapr-br.diariodoriogrande.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com
2	phamsacm.net	tribunapr-br.diariodoriogrande.com phamsacm.net
2	mc.yandex.ru	1 redirects tribunapr-br.diariodoriogrande.com
1	www.facebook.com
1	tpc.googlesyndication.com	tribunapr-br.diariodoriogrande.com
1	offerimage.com	tribunapr-br.diariodoriogrande.com
1	fleraprt.com	tzegilo.com
1	tzegilo.com	aistekso.net
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	mv.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	tribunapr-br.diariodoriogrande.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tribunapr-br.diariodoriogrande.com
100	28

This site contains links to these domains. Also see Links.

Domain
especiais.tribunapr.com.br
ldsportnews.com
api.whatsapp.com

Subject Issuer	Validity	Valid
diariodoriogrande.com GTS CA 1P5	`2024-01-07` - `2024-04-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
aistekso.net R3	`2024-01-04` - `2024-04-03`	3 months	crt.sh
petchoub.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
phamsacm.net R3	`2024-01-13` - `2024-04-12`	3 months	crt.sh
cameesse.net R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
jouteetu.net R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
interstitial-08.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-14` - `2024-03-13`	3 months	crt.sh
netdeal.com.br GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://tribunapr-br.diariodoriogrande.com/
Frame ID: D3DB226384F8FD58645645CD73F0E9F5
Requests: 87 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: F2D8D4F3F6EBC3028EB27D4B44D1C489
Requests: 2 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: 2B03CB37E1D4B00F6E0258C23B5E22AE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

100
Requests

94 %
HTTPS

56 %
IPv6

25
Domains

28
Subdomains

26
IPs

3
Countries

1386 kB
Transfer

3738 kB
Size

39
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://especiais.tribunapr.com.br/
Title: Especiais da Tribuna

Search URL Search Domain Scan URL

URL: https://ldsportnews.com/
Title: LD Sport News

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?1=pt_BR&phone=554196839504

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10300.1NM8QYHk03XqEjuQGju9g56IRRc46xyL6AXnMq2CluMIPijm_TBGjTF9lFYVuFiq.drFkg7q5fEMUFnRwLNOLAlCy4Vs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10300.Z0GQ4r3XniD5KObQploX5CwUgySsrLbohGbX1bAJipA1BOGnv9ig0tJMrnKysaNc0gn2ZBgfCyX-R3BtxpGBRPzpE4XCeBV5MgUNa_A30OeYIU2EBQ6ptPVAE4xfrXmdyYJnswyOV54_iBmcWUVwRFABw6m-w-gLljLu67At-csMv2uLqRb8kkT9gknHFueM4pNVvaTgiVc5-bdZkC58K32HIbZuG3YiPuroouNro8c%2C.LZ603Yi-hiML0u-8CKwoshDLMPo%2C

Request Chain 54

https://mc.yandex.com/watch/92306955?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A2%3Adp%3A0%3Als%3A808385835141%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A472764935%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A2%3Adp%3A0%3Als%3A808385835141%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A472764935%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 55

https://mc.yandex.com/watch/92138133?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A3%3Adp%3A0%3Als%3A1635803656222%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A31933812%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/92138133/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A3%3Adp%3A0%3Als%3A1635803656222%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A31933812%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 56

https://mc.yandex.com/watch/92137976?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1113343059054%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A668495172%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/92137976/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1113343059054%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A668495172%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

100 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tribunapr-br.diariodoriogrande.com/ 234 KB
65 KB 1380ms
1297ms Document
text/html 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec3a0b2e11329044ebda7d56ac93988ea56bd3ee363dfe21abc4cc78c636ef4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86024d4afd20b9c5-EWR
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 06 Mar 2024 12:20:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMnD9VWW3U1Kt1ItqSSDhl9V61JSlFameD22rsT54UQ4gwcuF5zI2NkXCSB7fUYOG3xXaZUPCrci8wS0lr9VsKydZGaMVandvCsp9bZ6RXLBDEXwIan9%2BpqZMGjhBv9SeMXG%2BLWTyGAc9PfDIKPdyzADkfFVEFK0pWuPGLu3efUZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 108ms
42ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;700;900&display=swap

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e753e3f2746f99752d2e0c4df92615fab0daa27aeefb4e6b4c0e64a03a2f0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Mar 2024 12:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 12:20:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Mar 2024 12:20:49 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 234 KB
85 KB 158ms
79ms Script
application/x-javascript 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-57-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

1de34347059320a70e04dfe1109e0c8a09b58cf32983a5f88c8ee91a03173466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 06 Mar 2024 12:20:50 GMT
edge-cache-tag: widget-cheetah
x-traceid: a64710713714032242b5299c0a0a4118
content-length: 86462
last-modified: Sun, 03 Mar 2024 07:44:22 GMT
etag: "17-qiJkhMOljFSBuHp5cl61+xoy3zk"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14500
access-control-allow-credentials: false
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 cardhome.css
tribunapr-br.diariodoriogrande.com/resources/css/blocks/ 19 KB
3 KB 465ms
464ms Stylesheet
text/css 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/css/blocks/cardhome.css?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4b75b35557d053e7859b791dbf4209d5c8de124cc62a5d1c016aa2f0bdc88a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCrtbKTqJAuOK%2FIuHI4RDtL7w2bt%2F8ZWLte483OFMc8%2FukafwykCXSj0av%2FDXD%2F9j6xY4kREFS9zaM8lUhq3mp9NUt5Jwk%2FnQkRpgAeCnz%2BitIPlhabSTwybPj%2FE5rcahQVN%2Bs0RrbQYWxgF7IKKLIu1DNjft6b9u%2F1jq2KgorAB"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d53cacfb9c5-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 card-horoscope.css
tribunapr-br.diariodoriogrande.com/resources/css/blocks/ 1 KB
852 B 294ms
294ms Stylesheet
text/css 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/css/blocks/card-horoscope.css?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c7cd645d6e4db67f553c2191560e11463196f2e6d117c26007eb30741ba524

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leJzDGPH0Zf%2FOFvMDzMYEom4LbC6Z4tF0clF63zqxzAGyHN2HKcg57Dk8EP8V87FgMbK6v82XWs%2FrKMz1gziOEVoP6WfN1ftSBi7UiuKD%2FKRTMiPiCXSACbNufYxIxFPtjXJrQvBaBx39pcGjp7taAtndWshwHvc3tLeoEn4vINj"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d53cad0b9c5-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cardblogs.css
tribunapr-br.diariodoriogrande.com/resources/css/blocks/ 2 KB
1 KB 594ms
594ms Stylesheet
text/css 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/css/blocks/cardblogs.css?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3755841ecb257d991d3302ac3a5cf3817ec61095be2200e98dd7102cb69f228

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bw9KTfxXPUG60vHVXDFHLxTdLekxwFrHYlD%2F9JiApGtE9AMcAkhe%2FVdGXIvOQcLhTmHS%2BaJRJaKMyZlKT%2B9t3xJXi59uoq34e4JNS6SXlm7RSPwfIOs6J4oHT7kdcJBZq8h8onGle58bUD9SgrYgj3qx6mH7he3jUH8mKDudR2F8"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d53cad1b9c5-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cardteam.css
tribunapr-br.diariodoriogrande.com/resources/css/blocks/ 826 B
692 B 532ms
532ms Stylesheet
text/css 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/css/blocks/cardteam.css?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c150266f8c6c6d931a4a0fac563f2edff70de3ccb410d73b4673c456f3f67f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BwqMf3NKpF6m5%2BEWzEwsvLKzl49x5wiT8%2BVlkGybxnWETY47%2Fqfnc%2BRU%2Ftcrdeee%2FD4%2FNrElDy1hntNgJ7oZ8xT6MLpQl8OIok22RosuS6%2FNryiIixBlGgQXuP23cRIEKr%2F%2F4oxwwR0V%2FUOfUDlVI57zuCL7oOOuwAW1kDquNRW"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d53cad4b9c5-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 card-lottery.css
tribunapr-br.diariodoriogrande.com/resources/css/blocks/ 1 KB
746 B 338ms
338ms Stylesheet
text/css 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/css/blocks/card-lottery.css?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6533d387e797498abdbe30ace78455b564dde62899d2bf8a939c07730a6505

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZqTeBTAa2GXe9Zo3gD%2BqY7wG1DUuiZFqugBeJUsLfF00R7hm8HL9XwsOOCTd2ParGP5N0d5pb%2FzkzpkKtHayyxZA7HANPeobYom%2B%2BbMdYoa%2FhOZ8mEyPeyJGChLpnBkiwl0INoYqk%2F9jpf1635dqVmDTxszHwYCAx%2FFixtRPxFK"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d53cad5b9c5-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cardmost.css
tribunapr-br.diariodoriogrande.com/resources/css/blocks/ 3 KB
1 KB 695ms
695ms Stylesheet
text/css 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/css/blocks/cardmost.css?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa09b4c9476fa1335ee761d4988177c69e685a6bee6b00fe87264c7e306ed85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3fAq8853%2Fyr0hzn8iYlFr2Ft2p0rV0FAhoLwNU9WfwmxsTwvpgsf4YY5kQXFUQmscmy%2FWGEyibnT6Lv5aCMSjnN2O3XSHZIit08A9VWKNj1%2BPp2Z9Ei3034vNUJx6dbUZ905UBCraZ1MJjdGhiLB4RaROvhNLTvY1CoWULXAdQ2"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d53cad7b9c5-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
48 KB 86ms
26ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribunapr-br.diariodoriogrande.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:01:02 GMT
x-content-type-options: nosniff
age: 11987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:01:02 GMT

GET
H/1.1 200
OK dHJpYnVuYXByLWJyLmRpYXJpb2RvcmlvZ3JhbmRlLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
537 B 171ms
64ms XHR
application/json 23.196.238.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/dHJpYnVuYXByLWJyLmRpYXJpb2RvcmlvZ3JhbmRlLmNvbQ==

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.238.181 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-196-238-181.deploy.static.akamaitechnologies.com

Software

Resource Hash

929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Wed, 06 Mar 2024 12:20:50 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: b5da729007425b7b77a9ec029717304c
Content-Length: 16
Expires: Thu, 07 Mar 2024 00:20:50 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 32ms
30ms Image
image/gif 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 12:20:50 GMT
date: Wed, 06 Mar 2024 12:20:50 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 1 KB
1 KB 241ms
156ms Script
text/javascript 146.75.30.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=%2F&idx=0&rand=41357&widgetJSId=SF_1&va=true&et=true&format=html&px=0&py=18035&vpd=16835&cw=1600&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&version=2010683&sig=bAQ6EuVv&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a9ac832533d5a3ee5f42817990c459d33032cca44ad0cb572bfbc920e014855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish
date: Wed, 06 Mar 2024 12:20:50 GMT
traffic-path: NYDC1, IAD, USA_EAST1
x-cache: MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid: f9328950dfb76ef54c7c6ab1f66c5eee
content-length: 920
x-served-by: cache-iad-kiad7000043-IAD
pragma: no-cache
x-timer: S1709727650.410700,VS0,VE123
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame F2D8 416 B
743 B 31ms
23ms Document
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-length: 416
content-type: text/html
date: Wed, 06 Mar 2024 12:20:50 GMT
etag: "c0311cf15c21ddda054005e92fad3f9e:1709454464.34608"
expires: Wed, 13 Mar 2024 12:20:50 GMT
last-modified: Sun, 03 Mar 2024 07:43:15 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 251ms
37ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=923e88c5c1cb578a909f2db10ba49c92_-1_1709727650524&tm=436&eT=7&wRV=2010683&pVis=0&lsd=476d245c-0eed-44dd-8ed8-de6027eb9cb7&eIdx=&cheq=0&oo=false&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 4ecabfe93c0ec3f0cd68bc07095b7f57
Content-Length: 6

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 576ms
281ms Script
application/javascript 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

bfa43032d563ab661974f76827ef4d21ccadf44541439a72d0297f46d5d2ec58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Mar 2024 11:37:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65e1be04-1192e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71982
expires: Wed, 06 Mar 2024 13:20:50 GMT

POST
H3 200 user.php Show response
tribunapr-br.diariodoriogrande.com/ 0
474 B 306ms
306ms XHR
text/html 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/user.php
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkiBz95N%2F4THE6hvMXypukjl9KC%2FSclrbSphiDS5%2FvEsIhurgD1Po6Zhl4MQMi7Z1mtThyywJDQl2hRucq4DRpjnG0OMPMxSs7FYPQpgZm82OWNrsr1yX%2FnAuKDDfL1QbH4lRVh0x3ydBDRoLuSXxZyVBCBC9v3eXlYI6azTaI%2Bb"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 86024d586ed95e6b-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 6455965 Show response
aistekso.net/401/ 88 KB
35 KB 470ms
224ms Script
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/401/6455965

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3cbbfaef1e9e7466f3d3a51cd44ab4e9c772f1eaaa47a0a4fb1bb9ee9d30475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 36f6e63c410c4721830e099f72b45e3b
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 micro.tag.min.js Show response
petchoub.com/pfe/current/ 35 KB
14 KB 362ms
110ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 76d2557eeb69b8934253e2892c6a80cf8f27ecb31ca33605d798007a9b73d541

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:51 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2024 15:55:58 GMT
server: nginx
etag: W/"65e7408e-8a1a"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 6455962 Show response
phamsacm.net/5/ 87 KB
34 KB 416ms
201ms Script
application/javascript 139.45.197.246
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phamsacm.net/5/6455962
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.246 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e85bf5698dd4044f1c9717102cda305066572a01b55238cdcd9398380f4b4b66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:50 GMT
content-encoding: gzip
x-trace-id: d766a9ddbd7e233458a98b411fb7c560
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1 Show response
cameesse.net/ 42 KB
16 KB 1503ms
202ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/1?z=6455964
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a23a100d20dcde220282e015b9a0c8f54810deeaf57f129c68c6d58073ccffdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 2e2754526350c27e7b1fd36cce72078e
pragma: no-cache
date: Wed, 06 Mar 2024 12:20:52 GMT
content-encoding: gzip
x-sc: 8zEm9gU9K5HCzBX-jLxJ_r4bc56st9Clcn7uMa4vo9e_m0kxOq96BYjeDaI9IvZJBA-0vAmv-eN3LymjSL27zB25I1w=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame F2D8 610 B
704 B 35ms
32ms Document
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 355
content-type: text/html
date: Wed, 06 Mar 2024 12:20:50 GMT
etag: "48053d50141031b1511dbd30f9a31288:1709454465.039658"
expires: Wed, 13 Mar 2024 12:20:50 GMT
last-modified: Sun, 03 Mar 2024 07:43:15 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

POST
H2 200 custom
jouteetu.net/ 0
0 408ms
192ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions.js
tribunapr-br.diariodoriogrande.com/ 0
775 B 152ms
151ms Other
application/javascript 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/sw-check-permissions.js?zoneId=6455971
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 23:02:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653063f8-22e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2xHwMzr2W3JtFAhanSUi%2FFYRP6fizOUCwi0IQldM3vfQqobNZN6tPkD3YN9VhMDyfM01KPDnRi%2BRIwNMiSK88MmHGner26eERME5BkHsI70NZTC4SxA5lTzX5es2rCMc7UssnQPEPUiNYqxWUMVhKEHzeAnFGYM8xss4pdB5MVA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 86024d5b7acd5e6b-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 405ms
194ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 306ms
98ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
petchoub.com/ 0
270 B 112ms
111ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=6455971&is_mobile=false&domain=tribunapr-br.diariodoriogrande.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=150d4cba-f3da-4700-ad06-e9a6d79d08a6&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: f8e2ff4daa02eb431cf6e14592adca2f
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 400ms
193ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 401ms
194ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
556 B 321ms
106ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6455971&checkDuplicate=true&ymid=&var=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8cf83d1141e53bf1bd916c47fd6e9559bde7e47acd4812e45c0def182334da75

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 302ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 180ms
179ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
petchoub.com/ 0
272 B 111ms
110ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=6455971&is_mobile=false&domain=tribunapr-br.diariodoriogrande.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=86f600bf-76bf-4e11-a952-f048df4c8a6b&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 9bdb75bc9558db3703d74e8ad8062d9c
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 181ms
180ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 188ms
186ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
557 B 301ms
101ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6455971&checkDuplicate=true&ymid=&var=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c7cd710437c66f0de8ef119050bbec594b70821b32fbf74da33b5ca7b7e038db

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 181ms
179ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 182ms
181ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 184ms
183ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 187ms
186ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
petchoub.com/ 771 B
1 KB 294ms
97ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=6455971&is_mobile=false&domain=tribunapr-br.diariodoriogrande.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=150d4cba-f3da-4700-ad06-e9a6d79d08a6&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d172a220061aae57fc0d9d2e22f201e123478c1274234bb33faebb14a78735e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: eb2f308cbf957e9516534d37a03a952b
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 771

POST
H2 200 custom
jouteetu.net/ 0
0 186ms
185ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
petchoub.com/ 771 B
1 KB 284ms
98ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=6455971&is_mobile=false&domain=tribunapr-br.diariodoriogrande.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=86f600bf-76bf-4e11-a952-f048df4c8a6b&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d172a220061aae57fc0d9d2e22f201e123478c1274234bb33faebb14a78735e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 9542476c6faa2de511ef76869bcf3f80
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 771

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
556 B 227ms
142ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=008017b827c64133f9ad0e4ac74223f7

Requested by

Host: phamsacm.net
URL: https://phamsacm.net/5/6455962

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8427313ad4216d32fc657659ca2d8d09d59443f33ae320929ab71e5219faaf80

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10300.1NM8QYHk03XqEjuQGju9g56IRRc46xyL6AXnMq2CluMIPijm_TBGjTF9lFYVuFiq.drFkg7q5fEMUFnRwLNOLAlCy4Vs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10300.Z0GQ4r3XniD5KObQploX5CwUgySsrLbohGbX1bAJipA1BOGnv9ig0tJMrnKysaNc0gn2ZBgfCyX-R3BtxpGBRPzpE4XCeBV5MgUNa_A30OeYIU2EBQ6ptPVAE4xfrXmdyYJnswyOV5...

43 B
668 B

149ms
149ms

Image
image/gif

2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10300.Z0GQ4r3XniD5KObQploX5CwUgySsrLbohGbX1bAJipA1BOGnv9ig0tJMrnKysaNc0gn2ZBgfCyX-R3BtxpGBRPzpE4XCeBV5MgUNa_A30OeYIU2EBQ6ptPVAE4xfrXmdyYJnswyOV54_iBmcWUVwRFABw6m-w-gLljLu67At-csMv2uLqRb8kkT9gknHFueM4pNVvaTgiVc5-bdZkC58K32HIbZuG3YiPuroouNro8c%2C.LZ603Yi-hiML0u-8CKwoshDLMPo%2C

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10300.Z0GQ4r3XniD5KObQploX5CwUgySsrLbohGbX1bAJipA1BOGnv9ig0tJMrnKysaNc0gn2ZBgfCyX-R3BtxpGBRPzpE4XCeBV5MgUNa_A30OeYIU2EBQ6ptPVAE4xfrXmdyYJnswyOV54_iBmcWUVwRFABw6m-w-gLljLu67At-csMv2uLqRb8kkT9gknHFueM4pNVvaTgiVc5-bdZkC58K32HIbZuG3YiPuroouNro8c%2C.LZ603Yi-hiML0u-8CKwoshDLMPo%2C
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
499 B 144ms
143ms Image
image/gif 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 01 Mar 2024 11:37:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65e1be04-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 06 Mar 2024 13:20:51 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 97ms
96ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 97ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 97ms
96ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 98ms
97ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=6455971&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 stattag.js Show response
tzegilo.com/ 19 KB
8 KB 128ms
47ms Script
application/javascript 2606:4700:3033::6815:bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: aistekso.net
URL: https://aistekso.net/401/6455965
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6497
etag: W/"65c37cc1-4ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4D7tLfzAxT3OqatcrEHkHhwXdwlde2AJKyijT8EhGGxpcBOujUUPROnh3aEiC%2FsBUWrFHHFyv0LMWC8cXdXNi6KjWoGeRJVyFM3lrQeJPuINsshqDpM5iEsiRtgsHDybD2xDpiuvV7PlJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 86024d5e4ba742bd-EWR
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
phamsacm.net/ 3 KB
3 KB 100ms
99ms Fetch
application/json 139.45.197.246
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phamsacm.net/?rb=_VXKG-a1uEH-cSFRBQBYoeYZsQbLjm5hCZQP8iy9n37uvxenyGrO3kCaUh-PjIvtX4ioewfx0hYpAUXqpFeiEKg8mqDx_OmcpYBovSEgPhLCFHlfXdo_y52ZEhjUSiSctyGHwyhyPRfkmyrxujl9HBuxrMZcz5_DOQoVbyf3MiIfgmexlccoS-9mwRqVGYLbhu2dH7TD3uQS2CAN649hc-Gbs3eUy1guL1DiuEZnXFY7x1ggvsTATg9YYjAYHfoSwA-rduHzYWAA48eEiVp-1TbUV5-f5F0mqmeUZ9xGAkZjp1gClV7q7HGFuw6jsPq-7AH0N0jtHTw5nPD5qcG1NeS3vGM%3D&request_ab2=0&zoneid=6455962&js_build=iclick-v1.714.1-auto&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Pacific%2FHonolulu&bto=600&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.714.1-auto&navlng=en-US&pnt=0&pnrc=0&bs=8ae3a782-6b9d-4925-963e-ce8130688f78&userId=008017b827c64133f9ad0e4ac74223f7&is_mobile=false&m=link

Requested by

Host: phamsacm.net
URL: https://phamsacm.net/5/6455962

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.246 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

04973a33fed43906f38c9602ab3ee902b1daff5ff88930307792c05fe79394b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: ba0186a92a4a6567ad99cbf79d56f5dc
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 6455965 Show response
aistekso.net/500/ 2 KB
2 KB 119ms
118ms XHR
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/500/6455965?excludes=&oaid=008017b827c64133f9ad0e4ac74223f7&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.327.0

Requested by

Host: aistekso.net
URL: https://aistekso.net/401/6455965

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f5bc325cf7a67d4a36fc0ff25e2284ec11d3c1ed8b90443ee19192354e821e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: f26c51cc82bf73f4ed53f9d1334f7dba
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 6455965
aistekso.net/500/ Frame 0
0 301ms
103ms Preflight 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tribunapr-br.diariodoriogrande.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Wed, 06 Mar 2024 12:20:51 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
504 B 350ms
111ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=35ff5ecc-e7a6-45a5-b97b-f7c91a936c0c
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 06 Mar 2024 12:20:51 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribunapr-br.diariodoriogrande.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2

200

1 Show response
mc.yandex.com/watch/92306955/
Redirect Chain

https://mc.yandex.com/watch/92306955?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3...
https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0...

447 B
611 B

141ms
141ms

Fetch
application/json

2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92306955/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A2%3Adp%3A0%3Als%3A808385835141%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A472764935%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

1e0b21efbce007613e7929868414fa4f148ab8afcd6a1ea8a060481dfcf82685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 06-Mar-2024 12:20:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:52 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 06-Mar-2024 12:20:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92306955/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A2%3Adp%3A0%3Als%3A808385835141%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A472764935%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:51 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/92138133/
Redirect Chain

https://mc.yandex.com/watch/92138133?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3...
https://mc.yandex.com/watch/92138133/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0...

447 B
479 B

145ms
144ms

Fetch
application/json

2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92138133/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A3%3Adp%3A0%3Als%3A1635803656222%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A31933812%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

d5b496f28ffb7acdc2c9997e434e2c3e72f9cc3ab5cdf50fc17753bffac268b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 06-Mar-2024 12:20:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:52 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 06-Mar-2024 12:20:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92138133/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A3%3Adp%3A0%3Als%3A1635803656222%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A31933812%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:51 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/92137976/
Redirect Chain

https://mc.yandex.com/watch/92137976?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3...
https://mc.yandex.com/watch/92137976/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0...

447 B
479 B

145ms
145ms

Fetch
application/json

2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92137976/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1113343059054%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A668495172%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

231cae0b1016416feb81e28128f0c5cd3d1b94a7f00b56d9fa017429f51b1338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 06-Mar-2024 12:20:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:52 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:51 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 06-Mar-2024 12:20:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92137976/1?wmode=7&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1113343059054%3Ahid%3A744798446%3Az%3A-600%3Ai%3A20240306022051%3Aet%3A1709727651%3Ac%3A1%3Arn%3A668495172%3Arqn%3A1%3Au%3A1709727651892999085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1626%3Awv%3A2%3Ads%3A0%2C66%2C1297%2C163%2C0%2C0%2C%2C777%2C4%2C%2C%2C%2C2322%3Aco%3A0%3Acpf%3A1%3Ans%3A1709727648372%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709727652%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:51 GMT

GET
H2 200 0ccfc43f960ff2dee552363629b769b8.png
offerimage.com/www/images/ 8 KB
8 KB 128ms
42ms Image
image/png 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offerimage.com/www/images/0ccfc43f960ff2dee552363629b769b8.png
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278d4648a09e18f980cef2025706ff54b9bad840ae57c79009bc17e0bd017c5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:52 GMT
cf-cache-status: HIT
last-modified: Sat, 08 Apr 2023 13:11:16 GMT
server: cloudflare
age: 3815
etag: "643167f4-1e61"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86024d615e3d4283-EWR
content-length: 7777
expires: Thu, 07 Mar 2024 11:17:17 GMT

GET
H2 200 3e83a04c21dfda8a9dbd5c41c9d242eb Show response
cameesse.net/27/ 403 KB
128 KB 103ms
102ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cameesse.net/27/3e83a04c21dfda8a9dbd5c41c9d242eb

Requested by

Host: cameesse.net
URL: https://cameesse.net/1?z=6455964

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e47d3e049fd6838fb97ac82e465263a919f30887c6a996d7d8c3ab6e2cdf3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: bf1b6db150df4a78675f26f67c00605d
date: Wed, 06 Mar 2024 12:20:52 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Mon, 19 Feb 2024 09:58:54 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 20 Mar 2084 09:58:54 GMT

POST
H2 200 9 Show response
cameesse.net/ 6 KB
3 KB 103ms
103ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=6455964&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=008017b827c64133f9ad0e4ac74223f7
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/3e83a04c21dfda8a9dbd5c41c9d242eb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 67373f3aeb386c018d3806856fe1c7fbb54caa05ee1653476aa4fad3cbf8be33

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 29ef56f5b8f0d72521e760ec0fccd7f8
pragma: no-cache
date: Wed, 06 Mar 2024 12:20:52 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
cameesse.net/ Frame 0
0 291ms
96ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=6455964&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=008017b827c64133f9ad0e4ac74223f7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tribunapr-br.diariodoriogrande.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Wed, 06 Mar 2024 12:20:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H3 200 menu.js Show response
tribunapr-br.diariodoriogrande.com/resources/js/ 6 KB
2 KB 1479ms
1478ms Script
text/javascript 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/js/menu.js?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7be3dd0a41bf2f61b602dca13b2fb2b29f5db27b2c436478fa799344c198641

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:54 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59ja8tBb7hVz5nUASLQtp1YZO%2FURUM%2FSOAfpUD7nQoQdBBuaprqb%2BEMvU4Z6H%2FdHvb0SG8%2BQ5W3ZmOKNyt4XB8Ofa%2FAfNAnGa1jE5Qtb4lJ7vFM83Pk41U0pEWTpJzEJ1vLpXmvXJf%2F1bxwrT%2F3sSSScD1qzbBB%2FH74BJDsXIWUG"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d64fb175e6b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 11 Show response
cameesse.net/ 0
608 B 104ms
104ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/11?rnd=2314986531&z=6455964&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0=&ruid=cb6ba537-a870-4579-8f1f-b0c9dc0a4d21&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=400
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/3e83a04c21dfda8a9dbd5c41c9d242eb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 9467736734d27ea1570c9e0ef52a8812
pragma: no-cache
date: Wed, 06 Mar 2024 12:20:53 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame 2B03 21 KB
5 KB 496ms
135ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/3e83a04c21dfda8a9dbd5c41c9d242eb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: 6ec8ce73c937ffe3093ce349781826c85d6be4fcaf1d1829909cae9bc41886d0

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Mar 2024 12:20:53 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 2B03 12 KB
2 KB 137ms
37ms Stylesheet
text/css 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 5862
etag: W/"656f1d9e-30c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 86024d6b3c531845-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 2B03 3 KB
4 KB 136ms
36ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
cf-cache-status: HIT
age: 2475
content-length: 3429
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 86024d6b3c541845-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 2B03 52 KB
53 KB 107ms
106ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 2B03 14 KB
15 KB 313ms
311ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 2B03 35 KB
35 KB 313ms
312ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 2B03 49 KB
50 KB 313ms
312ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 2B03 28 KB
28 KB 130ms
39ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
cf-cache-status: HIT
age: 1575
content-length: 28527
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-6f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 86024d6b3c571845-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 2B03 1 KB
561 B 131ms
40ms Script
application/javascript 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D3361931230%26z%3D6455964%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dcb6ba537-a870-4579-8f1f-b0c9dc0a4d21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Ftribunapr-br.diariodoriogrande.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 2951
etag: W/"656f1d9e-58b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 86024d6b3c561845-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 11 Show response
cameesse.net/ 0
746 B 103ms
103ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/11?rnd=2314986531&z=6455964&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=7rg1nkrpPbjKzM1kq6vl9XnDIBOEjicsWjfKIacXB0OHghucWDV86ACZfcjs94kXxXjvLFhfBic0v2l77XiVi5ioVDh1TZLsGV0M7xmn-LkiLleRaOo6cuzIqrnekknDJJZbUysRm2FaCsXY2JL7sqa2_BhPyPhjZ4E67_7NRV_h5sec4mRvIttFQOKCmVhzSTuK8ixqcFcIKewO8BkpcU5if4O3cah22u9CGOMHLZNVtBG04S-EQB2GKb9L3_vUWLvfr7jNdrzBm18IivQsv7Tc4Jk7o8YgIFsAK831wwuVNYL3JM6VixQb6Z0=&ruid=cb6ba537-a870-4579-8f1f-b0c9dc0a4d21&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/3e83a04c21dfda8a9dbd5c41c9d242eb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id: 19d8c8d026bd7c16ccac3cd71444ffbc
pragma: no-cache
date: Wed, 06 Mar 2024 12:20:54 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2B03 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 app.js Show response
tribunapr-br.diariodoriogrande.com/resources/js/ 21 KB
7 KB 608ms
608ms Script
text/javascript 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/js/app.js?ver=f129923a
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca67cb1ceea6819c7a252af1ff499465bd8dbf522dbc69579038b648d9457806

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:54 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5iimb%2Bcsh6f6dMWUTAeEZRZ5kFfY549N4dGkH8rfNmixiSWvY4ZwU5GLI42csMeJl3LXZ1t1hhAmw8ezXK320RYE%2F0uAzmo5C%2B%2FWN%2FRGrJPESk6a%2BRAdjgWmIQEGGJqO7KEGswvqYMRPWzr%2BQ0bGOmLbZqiZIFMzA5U9FkX%2F13m"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d6e4c8f5e6b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 bundle.js Show response
tribunapr-br.diariodoriogrande.com/resources/ads/dist/ 34 KB
11 KB 460ms
460ms Script
text/javascript 2606:4700:3035::6815:1c85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribunapr-br.diariodoriogrande.com/resources/ads/dist/bundle.js
Requested by: Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1c85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ac1beb9ef85409d0cf282d94308490fd164b2ffb3f7941fdf2acf383a2559d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:55 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKjgTzYifYoFqtAejytNkbG2hUEU6p69RLMVp%2FciNyT4tVtJAxFMGjH4h9mH7y%2B8w2zPBVEM3%2Fbmmy0zLqe1AVk2%2BHuxzwoqCXTTe5qduL7FdqHmljKmGTCVeVrORIBlAeQ%2FSX1TwySrpbhbAzJ0iT88gctfHcIz7piD0132aMJc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 86024d7228995e6b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
28 KB 160ms
96ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/resources/ads/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

876f5fcb84c6784ef5f5a4d74e8122e6b4dac1167790231eb2395629492c70c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28620
x-xss-protection: 0
server: cafe
etag: 465 / 19788 / 31081585 / config-hash: 11541533162646619963
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 12:20:55 GMT

GET mapping.json
tribunapr-br.diariodoriogrande.com/resources/ads/config/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
98 KB 110ms
49ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SWYN22Y0VE

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65560a5b844fe9bc9d4c3f29c0ea49ded22866a2c0b2b5fa640c37bd0a30e637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Mar 2024 12:20:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 255 KB
91 KB 54ms
53ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBF5J7&l=dataLayer

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7f4b8b633c542af143d5201c997bca5641118e7af3b25e7c7202bd370d8e771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93140
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Mar 2024 12:20:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
91 KB 61ms
61ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3HDJQKS5FB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SWYN22Y0VE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cb654ef13cab9f952dc29408a857a3f8f8ae88af25470737d4d164deff3160b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Mar 2024 12:20:55 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
267 B 345ms
40ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SWYN22Y0VE&gtm=45je4340v870993799za220&_p=1709727649877&gcd=13l3l3l3l1&npa=0&dma=0&cid=1585941848.1709727655&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709727655&sct=1&seg=0&dl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7048
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SWYN22Y0VE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402270103/ 429 KB
135 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402270103/pubads_impl.js?cb=31081585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39717bd09191935fdd7a543d205492e153daf7f87c522e486cd42fae84a5fc03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 05:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23631
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138221
x-xss-protection: 0
server: cafe
etag: 4120463601318914039
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Mar 2025 05:47:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 79 B
79 B 145ms
90ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tribunapr-br.diariodoriogrande.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d94e5a551d5539aee7ce3cdebc3620b0058adb05f4692a833af4110ef82c4411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55
x-xss-protection: 0
expires: Wed, 06 Mar 2024 12:20:55 GMT

POST
H2 200 92306955
mc.yandex.com/webvisor/ 43 B
0 705ms
140ms Fetch
image/gif 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/92306955?wv-part=1&wv-type=7&wmode=0&wv-hit=744798446&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&rn=486872362&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1709727655%3Aw%3A1600x1200%3Av%3A1261%3Az%3A-600%3Ai%3A20240306022055%3Au%3A1709727651892999085%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Ast%3A1709727655&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 06-Mar-2024 12:20:56 GMT
content-type: image/gif
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:56 GMT

GET .js
tribunapr-br.diariodoriogrande.com/resources/js/gp/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 133ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 06 Mar 2024 12:20:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: lLdD1K13fBar+Fsg685BUtXzC3mpHf9PpWqqMEp8xzjft2Nt6gzGbbTLmZhEuXN8vCDmyD6R1WsN1cd//bl7lw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 netdeal.js Show response
www.netdeal.com.br/resources/ 1 KB
1 KB 180ms
46ms Script
application/javascript 2606:4700:3030::6815:5974

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netdeal.com.br/resources/netdeal.js?m=2022bcfd-2560-4bfe-82b7-9fd97dd96d79
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBF5J7&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5974 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f8aa2b9a6b826a374749812d67bd87764346d27d41477b90903f5d786e0e3acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:55 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 05 Mar 2024 19:17:09 GMT
server: cloudflare
age: 1817
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6kas3pq%2F0ZcptVTP%2FPt0ksrpZqoimhH8334RM8g3NQAxazVxydhpOl5aFIrd5%2BgHMacgTiUqSOGYrD9zgbKAJr%2FdZwZAYtM4a9v2hND7%2BRvS1kBRHXasPs6GLD%2BDe2%2FBk3tRKqdAEKWnOQqu2qgGbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, must-revalidate
cf-ray: 86024d7988edc457-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 12695920901796625081 Show response
tpc.googlesyndication.com/pimgad/ 9 KB
10 KB 126ms
65ms Script
application/x-javascript 2607:f8b0:4006:817::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pimgad/12695920901796625081

Requested by

Host: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

12ad8c79c47fdedb0efc27470e7d1dd02ece30e00bde5902efb975e9b72cf018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Thu, 06 Mar 2025 11:51:48 GMT
date: Wed, 06 Mar 2024 11:51:48 GMT
x-content-type-options: nosniff
age: 1747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9328
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:24:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 79ms
78ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3HDJQKS5FB&gtm=45je4340v899729375z8870993799za220&_p=1709727649877&gcd=13l3l3l3l1&npa=0&dma=0&cid=1585941848.1709727655&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1709727655&sct=1&seg=0&dl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=7452
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HDJQKS5FB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 92306955
mc.yandex.com/webvisor/ 43 B
0 281ms
172ms Fetch
image/gif 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/92306955?wv-part=1&wv-type=7&wmode=0&wv-hit=744798446&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&rn=1046558789&browser-info=we%3A1%3Aet%3A1709727656%3Aw%3A1600x1200%3Av%3A1261%3Az%3A-600%3Ai%3A20240306022055%3Au%3A1709727651892999085%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Ast%3A1709727656&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 06-Mar-2024 12:20:56 GMT
content-type: image/gif
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:56 GMT

GET
H2 200 471716957444426 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 120ms
118ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/471716957444426?v=2.9.148&r=stable&domain=tribunapr-br.diariodoriogrande.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

b524de0774baa911dd98b61d49a5fbe8a1fc91576bbf20f23f16b8693855bb8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 06 Mar 2024 12:20:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: jPutKgovTAw5gSU67WnGzUtVqu5T0J+3eNd8ihF6UP55SjghrTXgt2dkvev2MVJA4RmYz4h9V5xsJlUYzfHXjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 netdeal.core.js Show response
www.netdeal.com.br/resources/js/ 394 KB
105 KB 45ms
44ms Script
application/javascript 2606:4700:3030::6815:5974

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netdeal.com.br/resources/js/netdeal.core.js?v=243
Requested by: Host: www.netdeal.com.br
URL: https://www.netdeal.com.br/resources/netdeal.js?m=2022bcfd-2560-4bfe-82b7-9fd97dd96d79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5974 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: bdb49f2d869820f416908a9562838bf9c43888a01a06f0eadf64e2f6a73311b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:56 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 05 Mar 2024 19:17:09 GMT
server: cloudflare
age: 3461
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgyY00%2Fr%2B9Ki%2BE8MezQmQ%2B0teLd%2BAfxA7yHoHAQH6uddB9mal2I7VxIwDUmSki%2B9oQd04Etlmzhjb7xdr7YvvMRNffEO60JQ8M%2FtxUy%2BwNbe5Rfxv27vYgHWqt2lx4APWCZU9JAp3FBjEOf5zbBML5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, must-revalidate
cf-ray: 86024d7a397fc457-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 216ms
29ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=471716957444426&ev=PageView&dl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&rl=&if=false&ts=1709727656121&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709727656119.878031158&ler=empty&cdl=API_unavailable&it=1709727655969&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 06 Mar 2024 12:20:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 login
www.netdeal.com.br/open/netdeal/ 0
832 B 142ms
140ms Image
image/gif 2606:4700:3030::6815:5974

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netdeal.com.br/open/netdeal/login?code=0&local=BROWSER%3Andc5767440246_1709727656163

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5974 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: image/gif; charset=UTF-8
netdeal-container-name: core_slave
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9Fcg3%2FH4M6P5eEJB5Icb9uHYCChOERlx3KEPNpBKuQWyf4GSgsFT3vRQLKB3xhGI4yq1HTEtT4bXt%2BxyETtJdXvvnwxMQFJTyzjYW8YGWvu6tEsOrtaCQ%2BQpHAFPix%2Fi%2BVaItL2neR4pmCZ%2B7ZPKso%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-AUTH-TOKEN
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 86024d7b2d540f7c-EWR
access-control-allow-headers: X-PINGOTHER, Origin, origin, X-Requested-With, Content-Type, Accept, accept, X-AUTH-TOKEN, X-AUTH-USER, C-AUTH-TOKEN, X-ND, Authorization
expires: 0

POST
H3 200 js Show response
www.netdeal.com.br/open/merchant/ 3 KB
2 KB 67ms
67ms XHR
application/json 2606:4700:3030::6815:5974

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netdeal.com.br/open/merchant/js

Requested by

Host: www.netdeal.com.br
URL: https://www.netdeal.com.br/resources/js/netdeal.core.js?v=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5974 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

35a44941f72cbeec9508068c6af0447f4958555c8522039ec6d4d013a843f24d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 06 Mar 2024 12:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: application/json;charset=UTF-8
netdeal-container-name: core_slave
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: X-AUTH-TOKEN
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAtFFvTSZnSU7L71%2BDsT4U4TnNrignQbqnuOsM9f4Tlqkz47NGsnfHHQWmxL6hNUV4LO7Ef9rVxjPfG9iIO3IUtk1RPSskXauvjtvo1E2X2YZbf5IhucAsXwmA7PCU0GbZjuhNRg7wKOlDUieXvBAdg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 86024d7d5fee0f7c-EWR
access-control-allow-headers: X-PINGOTHER, Origin, origin, X-Requested-With, Content-Type, Accept, accept, X-AUTH-TOKEN, X-AUTH-USER, C-AUTH-TOKEN, X-ND, Authorization
expires: 0

OPTIONS
H3 200 js
www.netdeal.com.br/open/merchant/ Frame 0
0 200ms
132ms Preflight 2606:4700:3030::6815:5974

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netdeal.com.br/open/merchant/js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5974 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tribunapr-br.diariodoriogrande.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, origin, X-Requested-With, Content-Type, Accept, accept, X-AUTH-TOKEN, X-AUTH-USER, C-AUTH-TOKEN, X-ND, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: X-AUTH-TOKEN, C-AUTH-TOKEN
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86024d7c7c4041df-EWR
content-length: 0
date: Wed, 06 Mar 2024 12:20:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaMgAnE7hxRTg6vt06XOjjMvuUG2bBlGMTl5hcz16CgidiFFSF7tusD1YHeruQu9FkpgC%2BHW2C3Lf%2BaG7eDuCVgoseu0o9Wglu%2F3ToFrAa%2F21q%2BY6ZxKdCEgpopUsCtTu%2BMArtKyhEQRaNh1TClDiSU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 XpcZKwTlYLsF-FfhYJTxGx2z7Wy04U9XRy9Z1yTmfHrvCo4dFb9OqJNpcP-XPn6wvcW2LJzwcy7jCUfMmHC7Ea5P62R4hYF9yzWCEhG3oUkNQVXsqKfb7_d3ADw7P-fCE3Rtevkwr8qj7zcSSnvKEyTnzaKCc0iJNJTDoGeS10FD0taoTnkS43Qwa0UFFmWWrohFm...
aistekso.net/impression/ 43 B
543 B 115ms
111ms Image
image/gif 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aistekso.net/impression/XpcZKwTlYLsF-FfhYJTxGx2z7Wy04U9XRy9Z1yTmfHrvCo4dFb9OqJNpcP-XPn6wvcW2LJzwcy7jCUfMmHC7Ea5P62R4hYF9yzWCEhG3oUkNQVXsqKfb7_d3ADw7P-fCE3Rtevkwr8qj7zcSSnvKEyTnzaKCc0iJNJTDoGeS10FD0taoTnkS43Qwa0UFFmWWrohFmzEAqkEIVT9kuISUoSEQ2oFHy7Qzsz1er4oMwVsxXhNivYdZIq3oCl3q09rLBeQFb9FOazy20IqNXkhi6EeOWKe7JNxlHRLSaEPQW9K1qGm1E25lAIL8Vou_noN1N8LkzXr05j0pjzmFU9G-vfPHCqL6vSkZG4199kBcBKZ700vqDBVqNycphfsyL0VHcZ_Gw5qtonkafnYJ5O0so6T6ratqS4G7BBw8Zh_KIGEzs3RnVFmOOr1OPTS0YoFHnsFZpI-n17QyACr4aKtvdPHiuKHNrjWFJSVMhtflEL0InmWT1_W7kuSkgXOx4wALgq6rFMgHNkz1fFzb8kFDzoqXWVowvinyRZhHI1PzLb9A-rzNSlIRDJuNqmK3ZGKeralATTJaxDOGvGhkLuWfD-yVCBHU3BRPfeeOR1T9QA9Y6I1pfi50ew==?_z=6455965&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.327.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tribunapr-br.diariodoriogrande.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 12:20:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 43
x-trace-id: 33cc4e361733f653cf1efada9827cf2f
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 92306955
mc.yandex.com/webvisor/ 43 B
0 145ms
144ms Fetch
image/gif 2a02:6b8::1:119
TELETECH

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/92306955?wv-part=2&wv-type=7&wmode=0&wv-hit=744798446&page-url=https%3A%2F%2Ftribunapr-br.diariodoriogrande.com%2F&rn=250745315&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1709727656%3Aw%3A1600x1200%3Av%3A1261%3Az%3A-600%3Ai%3A20240306022056%3Au%3A1709727651892999085%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Ast%3A1709727656&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Mar 2024 12:20:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 06-Mar-2024 12:20:56 GMT
content-type: image/gif
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 06-Mar-2024 12:20:56 GMT

POST
H3 200 immediate-bc
www.netdeal.com.br/open/event/ 0
727 B 148ms
147ms Ping
text/plain 2606:4700:3030::6815:5974

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netdeal.com.br/open/event/immediate-bc

Requested by

Host: www.netdeal.com.br
URL: https://www.netdeal.com.br/resources/js/netdeal.core.js?v=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5974 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribunapr-br.diariodoriogrande.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydDTGc9AY1nReGE9j

Response headers

date: Wed, 06 Mar 2024 12:20:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMnT7wqtdL5KbJS1y2eq%2BmbE4q9Sk5hKywYAW4gVwQlI5KKXO565SAEUJHwJjIsHyNgJYiqzjEoYgeWjmKe1z1u5h872qoiV%2BoO5xvJZgtsL%2BfligC%2FbBuAn3ml6vGvxlhVlzdu0tLzVwmFALG%2B5kkk%3D"}],"group":"cf-nel","max_age":604800}
netdeal-container-name: core_slave
access-control-allow-origin: https://tribunapr-br.diariodoriogrande.com
access-control-expose-headers: X-AUTH-TOKEN
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 600
cf-ray: 86024d7dd8830f7c-EWR
access-control-allow-headers: X-PINGOTHER, Origin, origin, X-Requested-With, Content-Type, Accept, accept, X-AUTH-TOKEN, X-AUTH-USER, C-AUTH-TOKEN, X-ND, Authorization
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tribunapr-br.diariodoriogrande.com
URL: http://tribunapr-br.diariodoriogrande.com/resources/ads/config/mapping.json

Domain: tribunapr-br.diariodoriogrande.com
URL: https://tribunapr-br.diariodoriogrande.com/resources/js/gp/.js?ver=f129923a

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie	1970-01-20 18:55:31	Name: thirdparty Value: yes
tribunapr-br.diariodoriogrande.com/resources/css/blocks	1970-01-20 18:56:54	Name: view Value: 1
tribunapr-br.diariodoriogrande.com/resources/ads/dist	1970-01-20 18:56:54	Name: view Value: 1
tribunapr-br.diariodoriogrande.com/resources/js	1970-01-20 18:56:54	Name: view Value: 1
tribunapr-br.diariodoriogrande.com/	1970-01-20 18:56:54	Name: view Value: 1
tribunapr-br.diariodoriogrande.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: r9f16lhmhgm25581e4lkm8nnhs
.outbrain.com/	1970-01-20 21:05:03	Name: obuid Value: 476d245c-0eed-44dd-8ed8-de6027eb9cb7
tribunapr-br.diariodoriogrande.com/	1970-01-20 18:56:54	Name: prefix_views_counter Value: 1
phamsacm.net/	1970-01-21 03:41:03	Name: OAID Value: 008017b827c64133f9ad0e4ac74223f7
.yandex.ru/	1970-01-21 04:31:27	Name: i Value: PSoiQQqRcZGeblJaoetm7pq6TjN87sfPmiDIYLBz/Wxvgd1BzpZ5uDktwzfWQSXIfcdlZD3hceDh+XBtmuMDWVU5KUY=
.yandex.ru/	1970-01-21 04:31:27	Name: yandexuid Value: 770058261709727650
.diariodoriogrande.com/	1970-01-21 03:41:03	Name: _ym_uid Value: 1709727651892999085
.diariodoriogrande.com/	1970-01-21 03:41:03	Name: _ym_d Value: 1709727651
my.rtmark.net/	1970-01-21 03:41:03	Name: ID Value: 008017b827c64133f9ad0e4ac74223f7
tribunapr-br.diariodoriogrande.com/	1970-01-20 18:55:27	Name: prefetchAd_6455962 Value: true
.mc.yandex.com/	1970-01-20 18:55:28	Name: sync_cookie_csrf Value: 3027191868fake
.diariodoriogrande.com/	1970-01-20 18:56:39	Name: _ym_isad Value: 2
phamsacm.net/	1970-01-21 03:41:03	Name: oaidts Value: 1709727651
phamsacm.net/	1970-01-20 19:05:32	Name: syncedCookie Value: true
.mc.yandex.ru/	1970-01-20 18:55:28	Name: sync_cookie_csrf Value: 2343510549fake
.yandex.com/	1970-01-21 03:41:03	Name: yandexuid Value: 770058261709727650
.yandex.com/	1970-01-21 03:41:03	Name: yuidss Value: 770058261709727650
.yandex.com/	1970-01-21 04:31:27	Name: i Value: PSoiQQqRcZGeblJaoetm7pq6TjN87sfPmiDIYLBz/Wxvgd1BzpZ5uDktwzfWQSXIfcdlZD3hceDh+XBtmuMDWVU5KUY=
.yandex.com/	1970-01-21 04:31:27	Name: yp Value: 1709814051.yu.2617254051709727651
.mc.yandex.com/	1970-01-20 18:56:54	Name: sync_cookie_ok Value: synced
aistekso.net/	1970-01-21 03:41:03	Name: OAID Value: 008017b827c64133f9ad0e4ac74223f7
.yandex.com/	1970-01-21 03:41:03	Name: ymex Value: 1712319651.oyu.2617254051709727651#1741263651.yrts.1709727651
.yandex.com/	1970-01-21 03:41:03	Name: bh Value: KgI/MA==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2337692901709727651
.diariodoriogrande.com/	1970-01-20 18:55:29	Name: _ym_visorc Value: w
cameesse.net/	1970-01-21 03:41:03	Name: scm Value: 1
cameesse.net/	1970-01-21 03:41:03	Name: oaidts Value: 1709727652
cameesse.net/	1970-01-21 03:41:03	Name: OAID Value: 008017b827c64133f9ad0e4ac74223f7
cameesse.net/	1970-01-21 03:41:03	Name: oaidvc Value: 1
cameesse.net/	1970-01-20 18:55:31	Name: CNT Value: 1_v1_B9RRAAEAAABMTQAA
.diariodoriogrande.com/	1970-01-21 04:31:27	Name: _ga_SWYN22Y0VE Value: GS1.1.1709727655.1.0.1709727655.0.0.0
.diariodoriogrande.com/	1970-01-21 04:31:27	Name: _ga Value: GA1.1.1585941848.1709727655
.diariodoriogrande.com/	1970-01-20 21:05:03	Name: _gcl_au Value: 1.1.980563407.1709727656
.diariodoriogrande.com/	1970-01-21 04:31:27	Name: _ga_3HDJQKS5FB Value: GS1.1.1709727655.1.0.1709727655.0.0.0

155 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: The key "-scalable" is not recognized and ignored.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://tribunapr-br.diariodoriogrande.com/resources/ads/dist/bundle.js Message: Mixed Content: The page at 'https://tribunapr-br.diariodoriogrande.com/' was loaded over HTTPS, but requested an insecure resource 'http://tribunapr-br.diariodoriogrande.com/resources/ads/config/mapping.json'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://connect.facebook.net/signals/config/471716957444426?v=2.9.148&r=stable&domain=tribunapr-br.diariodoriogrande.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tribunapr-br.diariodoriogrande.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aistekso.net
cameesse.net
connect.facebook.net
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
interstitial-08.com
jouteetu.net
littlecdn.com
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mv.outbrain.com
my.rtmark.net
offerimage.com
petchoub.com
phamsacm.net
securepubads.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
tribunapr-br.diariodoriogrande.com
tzegilo.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.netdeal.com.br
tribunapr-br.diariodoriogrande.com
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.242
139.45.197.244
139.45.197.246
139.45.197.251
146.75.30.132
2001:4860:4802:32::178
23.196.238.181
23.51.57.192
2606:4700:10::6816:21ac
2606:4700:10::ac43:a62
2606:4700:3030::6815:5974
2606:4700:3033::6815:bf5
2606:4700:3035::6815:1c85
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80e::200a
2607:f8b0:4006:817::2001
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::2002
2a02:6b8::1:119
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
70.42.32.127
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
04973a33fed43906f38c9602ab3ee902b1daff5ff88930307792c05fe79394b2
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019
12ad8c79c47fdedb0efc27470e7d1dd02ece30e00bde5902efb975e9b72cf018
1de34347059320a70e04dfe1109e0c8a09b58cf32983a5f88c8ee91a03173466
1e0b21efbce007613e7929868414fa4f148ab8afcd6a1ea8a060481dfcf82685
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
231cae0b1016416feb81e28128f0c5cd3d1b94a7f00b56d9fa017429f51b1338
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
278d4648a09e18f980cef2025706ff54b9bad840ae57c79009bc17e0bd017c5d
32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b
35a44941f72cbeec9508068c6af0447f4958555c8522039ec6d4d013a843f24d
39717bd09191935fdd7a543d205492e153daf7f87c522e486cd42fae84a5fc03
3a9ac832533d5a3ee5f42817990c459d33032cca44ad0cb572bfbc920e014855
3cbbfaef1e9e7466f3d3a51cd44ab4e9c772f1eaaa47a0a4fb1bb9ee9d30475c
4aa09b4c9476fa1335ee761d4988177c69e685a6bee6b00fe87264c7e306ed85
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e47d3e049fd6838fb97ac82e465263a919f30887c6a996d7d8c3ab6e2cdf3b2
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
5c150266f8c6c6d931a4a0fac563f2edff70de3ccb410d73b4673c456f3f67f9
5cb654ef13cab9f952dc29408a857a3f8f8ae88af25470737d4d164deff3160b
5ec3a0b2e11329044ebda7d56ac93988ea56bd3ee363dfe21abc4cc78c636ef4
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
65560a5b844fe9bc9d4c3f29c0ea49ded22866a2c0b2b5fa640c37bd0a30e637
67373f3aeb386c018d3806856fe1c7fbb54caa05ee1653476aa4fad3cbf8be33
67c7cd645d6e4db67f553c2191560e11463196f2e6d117c26007eb30741ba524
69ac1beb9ef85409d0cf282d94308490fd164b2ffb3f7941fdf2acf383a2559d
6ec8ce73c937ffe3093ce349781826c85d6be4fcaf1d1829909cae9bc41886d0
76d2557eeb69b8934253e2892c6a80cf8f27ecb31ca33605d798007a9b73d541
8427313ad4216d32fc657659ca2d8d09d59443f33ae320929ab71e5219faaf80
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
876f5fcb84c6784ef5f5a4d74e8122e6b4dac1167790231eb2395629492c70c7
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8b6533d387e797498abdbe30ace78455b564dde62899d2bf8a939c07730a6505
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8cf83d1141e53bf1bd916c47fd6e9559bde7e47acd4812e45c0def182334da75
8e753e3f2746f99752d2e0c4df92615fab0daa27aeefb4e6b4c0e64a03a2f0af
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
a23a100d20dcde220282e015b9a0c8f54810deeaf57f129c68c6d58073ccffdc
a7be3dd0a41bf2f61b602dca13b2fb2b29f5db27b2c436478fa799344c198641
b524de0774baa911dd98b61d49a5fbe8a1fc91576bbf20f23f16b8693855bb8c
bdb49f2d869820f416908a9562838bf9c43888a01a06f0eadf64e2f6a73311b6
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
bfa43032d563ab661974f76827ef4d21ccadf44541439a72d0297f46d5d2ec58
c3755841ecb257d991d3302ac3a5cf3817ec61095be2200e98dd7102cb69f228
c7cd710437c66f0de8ef119050bbec594b70821b32fbf74da33b5ca7b7e038db
c7f4b8b633c542af143d5201c997bca5641118e7af3b25e7c7202bd370d8e771
ca67cb1ceea6819c7a252af1ff499465bd8dbf522dbc69579038b648d9457806
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d172a220061aae57fc0d9d2e22f201e123478c1274234bb33faebb14a78735e4
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d4b75b35557d053e7859b791dbf4209d5c8de124cc62a5d1c016aa2f0bdc88a5
d5b496f28ffb7acdc2c9997e434e2c3e72f9cc3ab5cdf50fc17753bffac268b2
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
d94e5a551d5539aee7ce3cdebc3620b0058adb05f4692a833af4110ef82c4411
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85bf5698dd4044f1c9717102cda305066572a01b55238cdcd9398380f4b4b66
f5bc325cf7a67d4a36fc0ff25e2284ec11d3c1ed8b90443ee19192354e821e0f
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f8aa2b9a6b826a374749812d67bd87764346d27d41477b90903f5d786e0e3acf

tribunapr-br.diariodoriogrande.com Open in urlscan Pro 2606:4700:3035::6815:1c85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

100 Requests

94 %HTTPS

56 %IPv6

25 Domains

28 Subdomains

26 IPs

3 Countries

1386 kBTransfer

3738 kBSize

39 Cookies

3 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tribunapr-br.diariodoriogrande.com Open in urlscan Pro
2606:4700:3035::6815:1c85 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

94 %
HTTPS

56 %
IPv6

25
Domains

28
Subdomains

26
IPs

3
Countries

1386 kB
Transfer

3738 kB
Size

39
Cookies

100 HTTP transactions
2 data transactions