urlscan.io logo urlscan.io
SecurityTrails logo

fanoticias.com.br Open in urlscan Pro
2606:4700:3036::ac43:8f82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fanoticias.com.br/
Effective URL: https://fanoticias.com.br/
Submission: On May 19 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 12 countries across 75 domains to perform 280 HTTP transactions. The main IP is 2606:4700:3036::ac43:8f82, located in United States and belongs to CLOUDFLARENET, US. The main domain is fanoticias.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2020. Valid for: a year.
This is the only time fanoticias.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 11 2606:4700:20:... 13335 (CLOUDFLAR...)
4 191.234.177.186 8075 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 199.232.137.44 54113 (FASTLY)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 10 142.250.186.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 143.204.202.123 16509 (AMAZON-02)
2 2a03:2880:f04... 32934 (FACEBOOK)
1 99.86.242.109 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a04:4e42:1b:... 54113 (FASTLY)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 148.69.64.109 12353 (VODAFONE-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.227.165.14 14618 (AMAZON-AES)
33 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 148.69.64.76 12353 (VODAFONE-...)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 81.94.208.229 34587 (HLM2-AS)
1 2620:116:800d... 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 79.137.69.91 16276 (OVH)
4 35.157.246.167 16509 (AMAZON-02)
1 185.184.8.30 204995 (RTB-HOUSE...)
1 2 46.249.52.249 50673 (SERVERIUS-AS)
1 178.250.2.131 44788 (ASN-CRITE...)
5 6 136.144.59.88 54825 (PACKET)
1 185.33.221.13 29990 (ASN-APPNEX)
1 14 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 216.52.2.39 29791 (VOXEL-DOT...)
1 5.178.65.245 50673 (SERVERIUS-AS)
2 2 213.19.147.45 3356 (LEVEL3)
3 4 76.223.111.131 16509 (AMAZON-02)
1 1 213.19.147.44 26120 (RHYTHMONE)
1 5.178.65.246 50673 (SERVERIUS-AS)
7 8 185.33.220.244 29990 (ASN-APPNEX)
2 3 35.227.248.159 15169 (GOOGLE)
1 37.157.6.245 198622 (ADFORM)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 185.64.189.115 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 3 54.194.220.26 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.103 24961 (MYLOC-AS ...)
2 2 34.251.130.56 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.29.225.117 16509 (AMAZON-02)
2 54.194.38.108 16509 (AMAZON-02)
1 168.119.149.178 24940 (HETZNER-AS)
2 2 151.101.114.49 54113 (FASTLY)
1 1 184.30.20.207 16625 (AKAMAI-AS)
1 1 18.213.190.7 14618 (AMAZON-AES)
1 2 52.95.116.38 16509 (AMAZON-02)
1 1 23.45.99.241 16625 (AKAMAI-AS)
1 54.74.77.155 16509 (AMAZON-02)
2 2 35.156.153.71 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 1 54.80.104.134 14618 (AMAZON-AES)
2 178.162.133.149 60781 (LEASEWEB-...)
3 7 2.18.234.21 16625 (AKAMAI-AS)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
2 2 88.212.252.2 7979 (SERVERS-COM)
1 51.38.120.206 16276 (OVH)
1 67.202.110.22 32748 (STEADFAST)
2 2.18.233.180 16625 (AKAMAI-AS)
1 2 52.94.232.32 16509 (AMAZON-02)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 35.241.40.233 15169 (GOOGLE)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
280 74
52    2606:4700:3036::ac43:8f82 (United States)

ASN13335 (CLOUDFLARENET, US)
fanoticias.com.br
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
logs.vlitag.com
media.vlitag.com
4    191.234.177.186 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
boataxa.com.br
1    2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
4    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
10    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a02:26f0:6c00:1b7::3015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
widget.twnmm.com
10    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
cm.g.doubleclick.net
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
13    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
adservice.google.de
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    143.204.202.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-123.fra53.r.cloudfront.net
sb.scorecardresearch.com
2    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    99.86.242.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-242-109.vie50.r.cloudfront.net
tagmanager.alright.network
1    2606:4700:20::681a:b75 (United States)

ASN13335 (CLOUDFLARENET, US)
clevernt.com
2    2606:4700:3036::6815:5b0c (United States)

ASN13335 (CLOUDFLARENET, US)
data.gblcdn.com
server.gblcdn.com
2    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a00:1450:4001:6b::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5ednss.googlevideo.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt
ui.clevernt.com
1    2606:4700:3033::ac43:ae4e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.a-latam.com
1    34.227.165.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-165-14.compute-1.amazonaws.com
analytics.alright.network
33    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
sender.clevernt.com
14    2606:4700:20::ac43:447b (United States)

ASN13335 (CLOUDFLARENET, US)
lp.clevernetwork.pt
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    81.94.208.229 (Stoke-on-Trent, United Kingdom)

ASN34587 (HLM2-AS, GB)
members.bet365.de
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    79.137.69.91 (France)

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl
googlecm.hit.gemius.pl
4    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
2    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
6    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs-simple.com
14    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
17    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
4    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
1    5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
sync.e-planning.net
8    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2600:1f18:6593:f601:8db1:1078:892f:cd87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    54.194.220.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-220-26.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.103 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
2    34.251.130.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
cms.analytics.yahoo.com
1    52.29.225.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-225-117.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    54.194.38.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-38-108.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    18.213.190.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.116.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.74.77.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.80.104.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
2    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    88.212.252.2 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
onetag-sys.com
1    67.202.110.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
Apex Domain
Subdomains		 Transfer
52 fanoticias.com.br
fanoticias.com.br
4 MB
43 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
328 KB
22 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
222 KB
17 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
5 KB
14 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
6 KB
14 clevernetwork.pt
lp.clevernetwork.pt
427 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
179 KB
11 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
logs.vlitag.com
media.vlitag.com
429 KB
8 adnxs.com
ib.adnxs.com
7 KB
8 yahoo.com
c2shb.ssp.yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
11 KB
8 google.com
adservice.google.com
www.google.com
551 B
7 casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
7 KB
6 pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
ads.pubmatic.com
18 KB
6 a-mo.net
prebid.a-mo.net
1 KB
5 googletagservices.com
www.googletagservices.com
156 KB
5 twnmm.com
widget.twnmm.com
16 KB
5 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
119 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 lijit.com
ap.lijit.com
2 KB
4 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
2 KB
4 google.de
adservice.google.de
www.google.de
559 B
4 taboola.com
cdn.taboola.com
trc.taboola.com
138 KB
4 boataxa.com.br
boataxa.com.br
8 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
942 B
3 demdex.net
dpm.demdex.net
2 KB
3 tapad.com
pixel.tapad.com
1 KB
3 clevernt.com
clevernt.com
ui.clevernt.com
sender.clevernt.com
50 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
2 betweendigital.com
ads.betweendigital.com
925 B
2 sonobi.com
sync.go.sonobi.com
1 KB
2 advertising.com
pixel.advertising.com
677 B
2 everesttech.net
sync-tm.everesttech.net
856 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 weborama.fr
idsync.frontend.weborama.fr
842 B
2 tidaltv.com
sync.tidaltv.com
793 B
2 1rx.io
sync.1rx.io
1 KB
2 criteo.net
static.criteo.net
51 KB
2 criteo.com
bidder.criteo.com
gum.criteo.com
473 B
2 openx.net
rtb.openx.net
757 B
2 mookie1.com
odr.mookie1.com
430 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 googlevideo.com
redirector.googlevideo.com
r4---sn-4g5ednss.googlevideo.com
990 B
2 jsdelivr.net
cdn.jsdelivr.net
2 KB
2 gblcdn.com
data.gblcdn.com
server.gblcdn.com
8 KB
2 alright.network
tagmanager.alright.network
analytics.alright.network
44 KB
2 facebook.net
connect.facebook.net
65 KB
2 cloudflare.com
cdnjs.cloudflare.com
ajax.cloudflare.com
37 KB
1 dotomi.com
casale-match.dotomi.com
187 B
1 brand-display.com
dmp.brand-display.com
253 B
1 33across.com
ssc-cms.33across.com
1 onetag-sys.com
onetag-sys.com
818 B
1 advangelists.com
nep.advangelists.com
226 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 bluekai.com
tags.bluekai.com
345 B
1 mathtag.com
pixel.mathtag.com
725 B
1 richaudience.com
sync.richaudience.com
360 B
1 agkn.com
aa.agkn.com
382 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 adform.net
dmp.adform.net
331 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
490 B
1 adnxs-simple.com
ib.adnxs-simple.com
1018 B
1 creativecdn.com
prebid-eu.creativecdn.com
179 B
1 gemius.pl
googlecm.hit.gemius.pl
335 B
1 rubiconproject.com
pixel.rubiconproject.com
456 B
1 quantserve.com
cms.quantserve.com
464 B
1 bet365.de
members.bet365.de
715 B
1 a-latam.com
cdn.a-latam.com
88 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
1 googleadservices.com
partner.googleadservices.com
643 B
1 addtoany.com
static.addtoany.com
26 KB
280 75
Domain Requested by
52 fanoticias.com.br 1 redirects fanoticias.com.br
33 tpc.googlesyndication.com googleads.g.doubleclick.net
fanoticias.com.br
tpc.googlesyndication.com
pagead2.googlesyndication.com
14 mwzeom.zeotap.com spl.zeotap.com
14 lp.clevernetwork.pt fanoticias.com.br
lp.clevernetwork.pt
ajax.cloudflare.com
12 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
fanoticias.com.br
googleads.g.doubleclick.net
10 fonts.gstatic.com fonts.googleapis.com
10 pagead2.googlesyndication.com fanoticias.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 ib.adnxs.com 7 redirects spl.zeotap.com
7 cm.g.doubleclick.net 3 redirects fanoticias.com.br
googleads.g.doubleclick.net
6 prebid.a-mo.net 5 redirects assets.vlitag.com
6 assets.vlitag.com tag.vlitag.com
fanoticias.com.br
5 www.google.com 2 redirects googleads.g.doubleclick.net
fanoticias.com.br
5 www.googletagservices.com pagead2.googlesyndication.com
tag.vlitag.com
googleads.g.doubleclick.net
5 widget.twnmm.com fanoticias.com.br
widget.twnmm.com
4 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
4 ap.lijit.com 4 redirects
4 c2shb.ssp.yahoo.com assets.vlitag.com
4 boataxa.com.br fanoticias.com.br
boataxa.com.br
4 fonts.googleapis.com fanoticias.com.br
lp.clevernetwork.pt
googleads.g.doubleclick.net
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 spl.zeotap.com assets.vlitag.com
spl.zeotap.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
fanoticias.com.br
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 cdn.taboola.com fanoticias.com.br
cdn.taboola.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
2 ads.pubmatic.com sync.quantumdex.io
ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 sync.go.sonobi.com sync.quantumdex.io
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 bcp.crwdcntrl.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 static.criteo.net assets.vlitag.com
static.criteo.net
2 ads.us.e-planning.net 1 redirects
2 rtb.openx.net 2 redirects
2 odr.mookie1.com googleads.g.doubleclick.net
spl.zeotap.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.jsdelivr.net assets.vlitag.com
cdn.a-latam.com
2 connect.facebook.net fanoticias.com.br
connect.facebook.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 services.vlitag.com fanoticias.com.br
services.vlitag.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 ssc-cms.33across.com sync.quantumdex.io
1 onetag-sys.com sync.quantumdex.io
1 ms.quantumdex.io 1 redirects
1 ssum.casalemedia.com 1 redirects
1 nep.advangelists.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 sync.e-planning.net
1 sync.targeting.unrulymedia.com 1 redirects
1 u-ams02.e-planning.net
1 gum.criteo.com static.criteo.net
1 useast.quantumdex.io assets.vlitag.com
1 ib.adnxs-simple.com assets.vlitag.com
1 bidder.criteo.com assets.vlitag.com
1 prebid-eu.creativecdn.com assets.vlitag.com
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 members.bet365.de lp.clevernetwork.pt
1 www.gstatic.com googleads.g.doubleclick.net
1 ajax.cloudflare.com lp.clevernetwork.pt
1 sender.clevernt.com 1 redirects
1 www.google.de fanoticias.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 analytics.alright.network fanoticias.com.br
1 cdn.a-latam.com tagmanager.alright.network
1 server.gblcdn.com data.gblcdn.com
1 ui.clevernt.com fanoticias.com.br
1 r4---sn-4g5ednss.googlevideo.com fanoticias.com.br
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 logs.vlitag.com fanoticias.com.br
1 data.gblcdn.com fanoticias.com.br
1 clevernt.com fanoticias.com.br
1 tagmanager.alright.network fanoticias.com.br
1 imasdk.googleapis.com tag.vlitag.com
1 www.googletagmanager.com fanoticias.com.br
1 cdnjs.cloudflare.com fanoticias.com.br
1 partner.googleadservices.com pagead2.googlesyndication.com
1 tag.vlitag.com services.vlitag.com
1 static.addtoany.com fanoticias.com.br
280 110
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.boataxa.com.br
Go Daddy Secure Certificate Authority - G2		 2020-08-31 -
2021-09-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.theweathernetwork.com
DigiCert SHA2 Secure Server CA		 2021-02-10 -
2022-02-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.alright.network
Amazon		 2020-08-25 -
2021-09-24		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-05-11 -
2021-07-20		 2 months crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-23 -
2022-02-23		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.bet365.de
Thawte RSA CA 2018		 2020-09-22 -
2021-09-27		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.a-mo.net
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.e-planning.net
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh

This page contains 26 frames:

Primary Page: https://fanoticias.com.br/
Frame ID: 53C80E46886E91B6043AB4BF98764919
Requests: 185 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: C3E9696B0ED30B2FBC45A72EF7644408
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&adk=1812271804&adf=3025194257&lmt=1621425936&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffanoticias.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936093&bpp=8&bdt=243&idt=151&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7836004191276&frm=20&pv=2&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: 1C9C5CAD54B2825FAAAE049BF00495B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Frame ID: 7D8DE32DD1BDDBDE3ABFFECF5432EEF5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Frame ID: 8A4834ACC21DBA22676896C373EE0AFB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Frame ID: 8819EC7DB3BEA79792B72851F5206832
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CQ-z_EP-kYJu4FZLC3gPIlKrQDJmlto5iv6nH6_sMkffH94MCEAEg4vXMQGCVAqAB5rC9vwPIAQmpAl4VUHf_iLQ-qAMByANIqgTCAU_Q15I57TKjjgN-QQzwS7Irj14KJ3H3i-7ZzeFtFO46AkqVkgE-Th_-IhQIhwV3iOXJ697G6GJTLFAUN2pNRQMM8dsTvCT09NGtZBHlaSA6dxCuRFtoCCBwoeHAWMzYvWLwUtQHoV-NDpjDm8AU8J9EhjR3KP5gcos39UXhs2mEzHLSB7MvUaU6AqwiVS5hfMS8DgL6ngaqqn-HNv0PZ4tDKrBspDCUyl6ZUOEEO06UFpg8bkFVoUplNN4fRyhLLq0YwASp3q_EwQOSBQQIBBgBkgUECAUYBKAGLoAHgs_CQKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDG1V_SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMTY3ODQ5MDM3OTY3OTE4OQ&sigh=Rmxcuwoh7Xg&template_id=419
Frame ID: 24C58789A6A2C1A36C6D490BC6E88A24
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Frame ID: 189D5AC619256C498FA827EFF5412E37
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C8RpwEP-kYI7pG5mz3gOLxYKADpmlto5iv6nH6_sMloLNhYgWEAEg4vXMQGCVAqAB5rC9vwPIAQmpAl4VUHf_iLQ-qAMByANIqgS8AU_QxqTMUwqwEz9l2qXVRHKywElTncSOBG4CvZUW_4pAHzYXPuNGmbaUZvF7sbnzBD_WtRrUuWCxIG_JVP9dhvhi6WP9LL1m1vboqba41LWEb0A3GHoV9AaLgNUqbPjbuOrCxoPxK1L2J4uH8mXIpG6JIiwXext_1N353gMoQh2ISa3iydt5upyiB7vDfbSXk54qYKfcMC6iPCm_CrDJXMzA570qiVMo4DxuZ0i3eMx5zpZi5GsUthneD_TTwASp3q_EwQOSBQQIBBgBkgUECAUYBKAGLoAHgs_CQKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCmrxPSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMTY3ODQ5MDM3OTY3OTE4OQ&sigh=kNNMHuFairk&template_id=419
Frame ID: 820A7394BA85EAAF7A4678B5859704DA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA4F3E92FCB2B153431E5B5BF0A4D4DE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E44F2BCD85C273DA2A5C7022603D6B30
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Frame ID: 18722E213227D3123F3FF75991632109
Requests: 15 HTTP requests in this frame

Frame: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Frame ID: 8B4444ACD4B2EB2F2EB9925DD6621615
Requests: 18 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01004919
Frame ID: 0C9DD11CA310FCA081CC30D2C6437C69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 50F600EFB1044C68E0B89DA92E5F9FF2
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Frame ID: 15E5A18A1BBC3E575557CF3D7BAFA158
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 55746D88A68A14AB6472697EDAC47A33
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=fanoticias.com.br&gdpr=1&gdpr_consent=
Frame ID: 42C3588E96D58F80011301AC3D520598
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&cmp=0
Frame ID: 73B1841B24F03441806FC636C9BB29AB
Requests: 31 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 697FD57E3400E4B9A92CB65B6F0D3B27
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 629E2EACAD6AF7F6C06E546F9FE5E9E5
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 181EC0B4322292B5A0348B74FA15BD36
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1015251FF41B65FBAEB9F96E5CF74645
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 8148835307DBB6C436BCDC9F1FE56BAD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8597E51287C562B24894A3041388CB7A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 94EB139372AFF5F0B714AE07504B693B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fanoticias.com.br/ HTTP 301
    https://fanoticias.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

280
Requests

99 %
HTTPS

41 %
IPv6

75
Domains

110
Subdomains

74
IPs

12
Countries

6294 kB
Transfer

12413 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fanoticias.com.br/ HTTP 301
    https://fanoticias.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1621425937418&ns_c=UTF-8&cv=3.5&c8=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20do%20ES&c7=https%3A%2F%2Ffanoticias.com.br%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621425937418&ns_c=UTF-8&cv=3.5&c8=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20do%20ES&c7=https%3A%2F%2Ffanoticias.com.br%2F&c9=
Request Chain 120
  • https://media.vlitag.com/vid/?id=HhZDAZTz3rk&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1621435972&ei=5NGkYLWpHc2Z8gOupKDgCQ&ip=5.181.168.41&id=o-AAf2_pKqnSgLTErYsuyKb2NiNaGXQjAFwPkNB3qofGIl&itag=22&source=youtube&requiressl=yes&mh=nd&mm=31%2C29&mn=sn-5hnekn7d%2Csn-5hne6nsy&ms=au%2Crdu&mv=u&mvi=4&pl=24&pcm2=yes&vprv=1&mime=video%2Fmp4&ns=ENlCYtrevoOsBU-8ZTVlVTIF&ratebypass=yes&dur=194.258&lmt=1550834785924815&mt=1621413809&fvip=4&fexp=24001373%2C24007246&c=WEB&txp=2216222&n=4RetVQNamTi3EIpyP&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKrpeRdwk6hFwfYgcO-LUFRTncTGPAYhvZN3RepvzV4lAiEA5Uha6UDjHsWW8DhnJw_g8yi7GGF0n7dIO8iY57vI8RQ%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgRJ67Q9W3ErdWk83eSb0QVhE3M5DVAJ_b5YKvrcN6lz4CIQDqa2Dx1gl662mz_rZ-PS1NcdxP4nTA1WWVH0v-jOTRzQ%3D%3D HTTP 302
  • https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1621435972&ei=5NGkYLWpHc2Z8gOupKDgCQ&ip=5.181.168.41&id=o-AAf2_pKqnSgLTErYsuyKb2NiNaGXQjAFwPkNB3qofGIl&itag=22&source=youtube&requiressl=yes&pcm2=yes&vprv=1&mime=video%2Fmp4&ns=ENlCYtrevoOsBU-8ZTVlVTIF&ratebypass=yes&dur=194.258&lmt=1550834785924815&fexp=24001373%2C24007246&c=WEB&txp=2216222&n=4RetVQNamTi3EIpyP&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKrpeRdwk6hFwfYgcO-LUFRTncTGPAYhvZN3RepvzV4lAiEA5Uha6UDjHsWW8DhnJw_g8yi7GGF0n7dIO8iY57vI8RQ%3D&cms_redirect=yes&mh=nd&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednss&ms=au&mt=1621425660&mv=m&mvi=4&pl=47&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAI6qUc6s3PDSMHnYQTYF7-iVeH0K2Zu761C0vD52kPmbAiEAthvF607rDPU6FQnfb-GI7x-L8kTRDgDf5bBaZF8Gn5Y%3D
Request Chain 159
  • https://sender.clevernt.com/transporter/37830.php?ppuc=1&ppu=0&id=400126&ref=aHR0cHM6Ly9mYW5vdGljaWFzLmNvbS5ici8%3D&ruri=&r=766860096&tok=55077511905211577055&iv=-1&ctr=DE&sz=1200&wn=&res=1600x1200&landing=1&hei=360&ts=0.688 HTTP 302
  • https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Request Chain 172
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 173
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 225
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK2hhpTi260BIbHQuzpinCY&google_cver=1&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK2hhpTi260BIbHQuzpinCY&google_cver=1&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg&google_hm=z8xnM7zwzYwuY9ZY3JkR6w==
Request Chain 226
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJqEY-lTrvlXuVwWd7Y1Y0o&google_cver=1&google_push=AQvitUKi4WhnwYYTsztu8SxNaNQ8kZ5fkAtgyVBoSJwkCXUFEYPz3R11kChEN9oQTs_2c7nIBDhwbarjdxqOSLpYKe3WunqyBeY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09WRjUxWVktNy0ySlNW&google_push=AQvitUKi4WhnwYYTsztu8SxNaNQ8kZ5fkAtgyVBoSJwkCXUFEYPz3R11kChEN9oQTs_2c7nIBDhwbarjdxqOSLpYKe3WunqyBeY
Request Chain 227
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4
Request Chain 228
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPm4JznO_iZZ6WYlKpGKoF8&google_cver=1&google_push=AQvitUKJ-xwTZitICcQW050riBMpUHOjetEcuwt8zVsJ703Y8S3ER5v9uN2yfmBqZ5ulvqgTtyWnzgERKDauFC-D4BKOaPDJHIg HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKJ-xwTZitICcQW050riBMpUHOjetEcuwt8zVsJ703Y8S3ER5v9uN2yfmBqZ5ulvqgTtyWnzgERKDauFC-D4BKOaPDJHIg&google_hm=
Request Chain 255
  • https://ads.us.e-planning.net/hb/1/2c995/1/fanoticias.com.br/ROS?rnd=0.8432870511097408&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Ffanoticias.com.br%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Ffanoticias.com.br%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/fanoticias.com.br/ROS?ct=1&rnd=0.8432870511097408&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Ffanoticias.com.br%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Ffanoticias.com.br%2F&gdpr=1&gdprcs=
Request Chain 271
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db4348cdc592c7912%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db4348cdc592c7912%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b4348cdc592c7912&uid=97a1a10db7b5f7107c92482e
Request Chain 272
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7085285691 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f0218a54-75ea-4a87-a019-4265262f3cb3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003&dc=1079cc634ca638f8&iss=1
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEG5dHh43IxQYHO6f3RQhaVQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 275
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=468d4dee-617c-473a-b637-a4c3c41b10c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 277
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f0218a54-75ea-4a87-a019-4265262f3cb3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 281
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f6772532-587b-4455-ba39-b7fe29301d47&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 282
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f14a58d5-213f-4634-74b2-a7adcef6d818&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f14a58d5-213f-4634-74b2-a7adcef6d818&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=34904531253065351864193442308075672467&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 284
  • https://bn01.er.bemail.it/zeotap.php?_bid=f14a58d5-213f-4634-74b2-a7adcef6d818&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021051914-16062-0.997630001621425943-1bc809b0448ebdc5719e28c8f7710e5b&zdid=533&env=mWeb
Request Chain 285
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6963971402367498389&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 287
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f14a58d5-213f-4634-74b2-a7adcef6d818&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f14a58d5-213f-4634-74b2-a7adcef6d818&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361&bounce=1&random=2140362717 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=qaGlCUuN1esDL9z28x6U0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 289
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f14a58d5-213f-4634-74b2-a7adcef6d818?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=f14a58d5-213f-4634-74b2-a7adcef6d818?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=5fbf9cb8b94c3f624045c4f749242f60&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 290
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-tKAkyvNE2ooVIj7T3tzSk427B06oFwwg.g--~A&zpartnerid=570&env=mWeb
Request Chain 291
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6HJfPSOsXBMk5ZUzv7JIkvB8nKtamx3D%2BS41iYitP1U%3D
Request Chain 295
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361&_test=YKT-GAABFBImwAAC HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YKT-GAABFBImwAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&_test=YKT-GAABFBImwAAC
Request Chain 296
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4e6c60a4-ff18-4600-9b56-30472092c757&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 297
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Request Chain 298
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&dcc=t
Request Chain 299
  • https://tags.bluekai.com/site/87734?id=f14a58d5-213f-4634-74b2-a7adcef6d818&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 303
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP89c86d3e-b89a-11eb-927c-06c2af1b9a58 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP89c86d3e-b89a-11eb-927c-06c2af1b9a58
Request Chain 304
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-515860c7-09f3-4836-b639-1a2d9d93102b
Request Chain 306
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 302
  • https://prebid.a-mo.net/cchain/0?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=3987439046231038006 HTTP 302
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D$UID HTTP 307
  • https://prebid.a-mo.net/cchain/1?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=97a1a10db7b5f7107c92482e HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/2?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YKT-GIY07MPHnowDp0NNfwAA%261219 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=3f5e4404-3da0-440f-ac31-0700716c5293
Request Chain 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3987439046231038006
Request Chain 308
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ax9OkVJE2uHsdwOCpM3DgqUqLWcCeTzwm9z0SuI-~A
Request Chain 309
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=63d282c5-0904-518b-8751-98f8e7f567e0
Request Chain 310
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3987439046231038006
Request Chain 311
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=97a1a10db7b5f7107c92482e
Request Chain 312
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3987439046231038006
Request Chain 313
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=864e11a7-18d4-47c8-89a4-cb8100944ee9
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 321
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YKT-GIY07MPHnowDp0NNfwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB1Tvhnj5SFn1FCODFZ-scU&google_cver=1&gdpr=1
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEY-TvhLfeHZrvzggL2cflA&google_cver=1
Request Chain 323
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB&dcc=t
Request Chain 327
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1621512344&gdpr=1

280 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fanoticias.com.br/
Redirect Chain
  • http://fanoticias.com.br/
  • https://fanoticias.com.br/
524 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
584100f5da4edabe59cbfd3c721f68a2cc30f6ab2b8eb2446b5e0f5086877d62

Request headers

:method
GET
:authority
fanoticias.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:35 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.27
link
<https://fanoticias.com.br/>; rel=shortlink
x-litespeed-cache
hit
vary
Accept-Encoding
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a261d6c5c00004e6d6e0fc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0nd01xuot6NIMtANCW98NHYcq2x2VI8f7J1Gyl9JfgWWregJgLDeN10G8%2BLPaXGVx9nopBt9TPcUksKWNN5o7vqEMQajsF%2BWKYDnmx%2BNaJwvG8PdXE18und6hKVKcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
651d31c09e9b4e6d-FRA
content-encoding
br

Redirect headers

Date
Wed, 19 May 2021 12:05:35 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 19 May 2021 13:05:35 GMT
Location
https://fanoticias.com.br/
cf-request-id
0a261d6c3700004a9d2d1b2000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfP48vJsrIenBFmMEoXjUWuUtFzV%2FEpn2FSugKGxQK5KKEqzDYvDTA5fPh7ich3yWIswn3ZfyUL%2FwAOrIoVghTk4xMCrvNMxf6MpBw%2Bf1KXJZew6sQnEHHssJpNGKA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
651d31c05e854a9d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
fanoticias.com.br/wp-content/cache/autoptimize/css/ 		727 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c110f0f08f15da4620ba7b73c82c322f8c1e60b4e8c73f0c83b3b37e1146b85

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6e0300004e6d5bb66000000001
last-modified
Thu, 01 Apr 2021 02:00:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JiFFgm9mp8xVJpCukXgak4rnxqeJ%2Fnt8ic7RIxv8CNfEiNi%2FnTtSSXbKOGX5klTWy4%2FR9xBKZ%2Fk5gtzEu4kAp5b1pie08W%2BGDTmbrApN%2BQAUupPxir09axJxuxQttA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
cf-ray
651d31c33dff4e6d-FRA
expires
Mon, 09 May 2022 09:46:09 GMT
css
fonts.googleapis.com/ 		10 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Advent+Pro%3A700%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7COpen+Sans%3A700%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CAnton%3A400%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7Csans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79edf9c146cb3af492cc7c407d03c67cc0f4a48723f8e6deb674cedeb1446f7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 May 2021 12:05:35 GMT
server
ESF
date
Wed, 19 May 2021 12:05:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 May 2021 12:05:35 GMT
jquery.min.js
fanoticias.com.br/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2261412
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6e0100004e6d99164000000001
last-modified
Mon, 01 Feb 2021 23:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9GRmfCSPiNyCKE%2BNYa4A3grIt5O4%2Bia61JKsa%2BSke38fly8AzO8UejcF%2FimZfk7gDZCNt7AyVwhZVWfRWxL86PEg3kYjCCxiPyn2FHsFzSnJZYkj1rsphDW%2FHdwWvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
cf-ray
651d31c33e034e6d-FRA
expires
Sat, 23 Apr 2022 13:55:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f488ba69b34a8b4d924f46e58cbbe62ad1031ee74af785d328ccb54c4cd9b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47946
x-xss-protection
0
server
cafe
etag
18260956113010957495
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 May 2021 12:05:35 GMT
/
services.vlitag.com/adv1/ 		933 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=2350cd5632a214501ea88f6e573a36a5
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0edd3a085049f98afd0d87c293dba1028b8ec1b0215b7d80904a1df5cd588604
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6e3d00004e5512a78000000001
pragma
no-cache
last-modified
Wed, 19 May 2021 12:05:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tqy02BawC6mwC%2BjLwzBYrsEtFEKORj42xzdJsQjJ4UHBJOVlay2KpQ3bmsjgWIWwDS34Zrz01Tao%2FxZNtDuqMFYnjuS1zYJvZTwUJRMLuHbVNtpivZE9oOX6CQC1LnZe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
651d31c39fb04e55-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
boataxa_hoje.js
boataxa.com.br/Api/Scripts/ 		1 KB
887 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boataxa.com.br/Api/Scripts/boataxa_hoje.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
191.234.177.186 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1cf7646053beb7109622cacdca1a4187874110e1125b0a36aeb055e228ec0cd0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 12:05:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Feb 2019 20:18:15 GMT
Server
ETag
"80dd8a4122bfd41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
595
wp-emoji-release.min.js
fanoticias.com.br/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.6.4
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.6.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
555308
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6e7900004e6d518d5000000001
last-modified
Thu, 04 Feb 2021 01:52:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O%2B4ClZj8AlRqMLbA5qPBfHIweuOT6MuuiZo5hUIz2%2Flc6uPGyOE3WQ%2FyZhWIaH2ei0txkEy09Uyeo9vjuwkPc59cYV2m58VyfteD7iR%2BaV2001Klo1%2BjnGSWBJWx3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
cf-ray
651d31c3ffed4e6d-FRA
expires
Fri, 13 May 2022 07:50:27 GMT
page.js
static.addtoany.com/menu/ 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
105791
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6e7900002bd6642a4000000001
last-modified
Fri, 14 May 2021 06:41:59 GMT
server
cloudflare
etag
W/"14f2c-5c2448a7281f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
651d31c3fb312bd6-FRA
cf-bgj
minify
loader.js
cdn.taboola.com/libtrc/fanoticias-network/ 		261 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/fanoticias-network/loader.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.49.2 /
Resource Hash
6521053904ab8682233f53aa189827cbdcc1a727babbf966bcee3c72b6ef6d96

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
L0mBwfkfWNARUL8hMeGqE_rdSvewYk1U
content-encoding
gzip
etag
"d597791a574515caf70a556e90b3a7a718ca24b2"
age
0
via
1.1 varnish
x-cache
MISS
x-from-cache
1
content-length
27127
x-amz-id-2
R+EqCW6yAran+SZLQBsiIZUZZlq1hFekWUOteBroWBuAjUfO8H4wygubPgZXPdEfSXQDRAFbrQk=
x-served-by
cache-hhn11562-HHN
last-modified
Wed, 19 May 2021 12:05:36 UTC
server
obaker.93.1.2-11.49.2
x-timer
S1621425936.030763,VS0,VE195
date
Wed, 19 May 2021 12:05:36 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
XVS2W4A5TPHD7ERB
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
6
x-cache-hits
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
DtViJxy6WaEr1LZDfzJs.woff2
fonts.gstatic.com/s/strait/v8/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/strait/v8/DtViJxy6WaEr1LZDfzJs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Advent+Pro%3A700%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7COpen+Sans%3A700%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CAnton%3A400%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7CStrait%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese%7Csans-serif%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cd95832ad2f08ef7ee9822ec8de58f6fe437388522cd14f537013b33e2670f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fanoticias.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:34:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:41:19 GMT
server
sffe
age
279039
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9036
x-xss-protection
0
expires
Mon, 16 May 2022 06:34:57 GMT
fontawesome-webfont.woff2
fanoticias.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://fanoticias.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://fanoticias.com.br
Referer
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1846143
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
0a261d6e8000004e6d96b1d000000001
last-modified
Mon, 26 Nov 2018 14:34:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f88f9nl%2BdJUnQMX5X2pkNE9DIgBqX%2BACyCPBjI%2B0RqdX8fe5%2FgMNoiIRKQ2nxwz%2F%2FkCMQiv6RcGIIJtBo4n%2BIF9NmHx5A9U4gUcHkqo9NGW0G7lKcz2BYkGn7STtVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31c4080a4e6d-FRA
expires
Thu, 28 Apr 2022 09:16:33 GMT
pelm.js
widget.twnmm.com/js/btn/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.twnmm.com/js/btn/pelm.js?orig=en_ca
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b7::3015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
52e1a89fbb5cdc36f3cab71a8c20a7848297de636813c87a813886e655856e3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
Strict-Transport-Security max-age=0;

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl
content-security-policy
frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
content-encoding
br
x-var5-grace
none
x-vcl-recv
set
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-url
/js/btn/pelm.js?orig=en_ca
x-ua-device
desktop
x-iscached
MISS
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3505
x-ua-compatible
IE=Edge,chrome=1
x-vcl-hit
x-vcl-hash
/js/btn/pelm.js?orig=en_ca
x-vcl-miss
set
last-modified
Mon, 26 Apr 2021 14:44:03 GMT
server
Akamai Resource Optimizer
date
Wed, 19 May 2021 12:05:36 GMT
strict-transport-security
max-age=0;
x-varnish
525366917
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=600
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-varnish5-iscached
MISS
expires
Fri, 18 Jun 2021 12:05:36 GMT
styles.css
widget.twnmm.com/styles/btn/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.twnmm.com/styles/btn/styles.css
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b7::3015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
78e325e97f9de9db7f25b1ea745a5b23f51527a33e070d10cc156862038981ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
Strict-Transport-Security max-age=0;

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl
content-security-policy
frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
content-encoding
br
etag
W/"334a-5af5ebb1ac29e-gzip"
x-var5-grace
none
x-vcl-recv
set
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-url
/styles/btn/styles.css
x-ua-device
desktop
x-iscached
MISS
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
2353
x-ua-compatible
IE=Edge,chrome=1
x-vcl-hit
x-vcl-hash
/styles/btn/styles.css
x-vcl-miss
set
last-modified
Wed, 21 Apr 2021 18:56:49 GMT
server
Akamai Resource Optimizer
date
Wed, 19 May 2021 12:05:36 GMT
strict-transport-security
max-age=0;
x-varnish
421113377
cache-control
max-age=2592000, s-maxage=600
accept-ranges
bytes
content-type
text/css
x-varnish5-iscached
MISS
expires
Fri, 18 Jun 2021 12:05:36 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
482871cfb47bca9e7cf09f35e72d76cbd4fe08b2a64a2438f0784bdc9a2f3534

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3920fc482a5a9c9475bb565a427b90078c3e4c9139c739d9f038cddbb8ffd02

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a64f065603f6fe38e068962ffce1258abeeaa4349e0118c18674986ffedf2e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1de60c76e1a53144c91b1bf9939ad41612946913919fa3c696b0a5b68eae1668

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a144ada9063b8afc0f9a1e4cbdc006ae501ee6a3105bfdf93a3154f0511881b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f8ba4e908359ddebb8f7f4d8d82c966d902e6400072afaca01b9823c9a9eca7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f921135f861a0a69c7d0d4088204f7f516292c004a071500a3cbb0cab6b63d6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
159bc53bd14f1ff458cc56b823ca81e6763898a8110dc1d2ec61fcf796d45fe6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
224275a1bcb0e57d66faefa77097655bdb826acf5f9068ce10bd26d0dc058db8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3d90d234ea06c48fc66c82e4539a5f76cd9a47d164f3910862de09cbcfd66b7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c9b38606882f7e7c39e61e43872f9470fbcfe1e6c953751163cd3ef77d00f15

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8351bb1f6e02aea189de2844c72a5f6d6b5726354d9005d884a7763207e0467a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
130e9fb3cd76abd6c115ed704cdb64c674a8ec01c20bfffa8103107e6431760b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3394c78482e6861bf2cabff42cc6251d6c54e21b9d59984e4a60494cdb9acab7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b462abc06bba650ec1cc71a4cef9200d9f2814cca4813a439847e7bc26b4dc24

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2a1556f46dd5fb47e721878c2bd00b221ba07e8c6c2ee13a11c61f39e49dfeb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 May 2021 12:05:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame C3E9 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210517/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 22:33:52 GMT
expires
Tue, 01 Jun 2021 22:33:52 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
48704
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f5227f9b5c341800315f8a328882c603d482e95aa4a0dc1078778c0f5120a70

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c98a279d2255495e665fc218c2065eacedbfb2309758ae8a2756f3293727ef2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da2fd9306cdcb8f49667957267a941057922bb061676c4a14679db5e51765eea

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff19b214b0a4bda8981bdd1ba22df7bb8e22f4e5a07c041d09df004332806f95

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb86e99f95362d37db276a4ec9e8e2d80ef029698afb799effc6b51b82caab87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0aa69f31e14a882850b488bf4d97d7c8436a2713994a15b687c47ecc46b2ccbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2021b2cbb32a64258e8377cc32b5fcc01f084db2e2ad385dd7860455740587d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8fa8e0cd5567e7a9cb5032d43a82937aa315e56c92dbc5258c2c789b88af41d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b2c612c3d53f956c0ee9b3602e3156b19dca69bc649ff65e399a4623eacaf69

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
services.vlitag.com/uv/ 		13 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Ffanoticias.com.br%2F&mtk=11106
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=2350cd5632a214501ea88f6e573a36a5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13
cf-request-id
0a261d6f440000e003f6a42000000001
pragma
no-cache
last-modified
Wed, 19 May 2021 12:05:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H%2FZ7kOlux0kwCugSO9SwP%2BCgp5pcnbqIs7CakcROcfiXsAgSEdxDMN1fS6NswQIhKL0cPFILu4YRRXMKMdqCHxw70%2BPUXXynqC8uMtjvt2r%2B9qNRSLenJY5Pe6iLzkL6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://fanoticias.com.br
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
651d31c53b53e003-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
2350cd5632a214501ea88f6e573a36a5.js
tag.vlitag.com/v1/1621422868/ 		492 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=2350cd5632a214501ea88f6e573a36a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0ee9740fe2a3a1505cba311360294da26f1b3defe1411049e449c66d556656
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1568
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6f3b00004e55bd14d000000001
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CnzzjfKJMgASpoua7FPmP9CrfkBAqhSG4QL4rkB67OU136HYE2T9beOZOrzP4tvBlyOTqJFVWMZx2cqX9us8m30crZtaiJ7nwT1WcOeJqwruJW0HF%2FXt8u9nuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000, immutable
cf-ray
651d31c52c184e55-FRA
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91b124c019737f78c7db72349e6942d33147425ceb4ed59d471c0161396cdc90

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9932e25850e1dd733e2e35578fe40de2c237c3786088ea3ec8fc45b5cb116726

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
549fb5e8a772f335af45b9d36a09ac247e7cabe02aca2113325a01ccc90cd99d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1296b8f3c535888c26a2d8cebda448e7d1a50614359f0804ae288c2255ea3a44

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
069eb34a4483be9e4ea6c914341efd9eb4a4e134ec9f84bfe66d5e4f48c348c6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5c6d77212d793cded6797c785fd9467cdabc43953640a23b35024d73d8c460b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1020bff11a24b55c54d526e49c591facd63a2ff5d4ea00257f668f48fc1a6464

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71d301b463e71e84985c4d34006b061e355bda2cd86c19007a4a4745bf432a89

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
162a1d19fcc53194a195aacf489c63282315a7c06167a2cec1faf9fe5c410f57

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2662771b1002a1da92489f39945962fd27176281d7abfb0760776e8e5de86276

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie.js
partner.googleadservices.com/gampad/ 		207 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fanoticias.com.br&callback=_gfp_s_&client=ca-pub-1678490379679189
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
01fcf3678a1a7bcaa7f42a4d11e730564af8f7d4679e97062ee3c2a3d9fff76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fanoticias.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fanoticias.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1C9C 		26 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&adk=1812271804&adf=3025194257&lmt=1621425936&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffanoticias.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936093&bpp=8&bdt=243&idt=151&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7836004191276&frm=20&pv=2&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
447c82cf6c20337710efc9e79f9cd5c380af56168eb75de48b5586fb48ea5746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1678490379679189&output=html&adk=1812271804&adf=3025194257&lmt=1621425936&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffanoticias.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936093&bpp=8&bdt=243&idt=151&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7836004191276&frm=20&pv=2&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 May 2021 12:05:36 GMT
server
cafe
content-length
1359
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 19-May-2021 12:20:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 12:05:36 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251140663589"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27994
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:36 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1be907008e9731e1fd327df6d0b8be257dfe6f254a515e2efe1089966dd43a9f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b12c97fd08fd98739411e680189f688e4d0875d7eb0de9b1f578a71a196200d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c42ff9028fa01f4a4abd11e34da17368cd953c3338aca105b509c4c4af5d24f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2288bb9ff450f34880c3bb7ce90573991fd0cd203e0d255db3ca5e4bf71cb983

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
googleads.g.doubleclick.net/pagead/ Frame 7D8D 		113 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd8cf3a3e3aa056a375fe2d58ea489e037f247c6d58878ce2878d813f42eecb3
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJuA3afa1fACFRKhdwodSIoKyg&gqi=EP-kYJqxFMKttweX3JXQBg&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJuA3afa1fACFRKhdwodSIoKyg&gqi=EP-kYJqxFMKttweX3JXQBg&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 May 2021 12:05:36 GMT
server
cafe
content-length
36958
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 19-May-2021 12:20:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 12:05:36 GMT
cache-control
private
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b94d470855dbaa0dd9f417ad8099be1d21570cd5be2ee91d8bd83c415f8c619

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad0c5424009a5393dc482a84f05551e07219e48ed2e8ed529b45f148d98238b6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1284ef4a85cb3f774c725529f31cdc352dcf9ed86fec86f96e7857114916f93

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd8d1b890d2d143f8fa3a5ce5e02bbc0d2c9a0da2ce3f7fa20faf0aa7e5d775e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20e2ea667cd0668fa5f1a0f428d536f98b39480026872ea67317f4835b842691

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
lazysizes.min.js
fanoticias.com.br/wp-content/plugins/autoptimize/classes/external/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.1
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49e5eccbf420949ddb76cfa2ca1430c8f733b06fb2a35d8fed1182b41613530

Request headers

:path
/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2264606
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe400004e6d492f8000000001
last-modified
Fri, 15 Jan 2021 14:45:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MMeiljJyY2XcDPms8WV%2BzfXhOGMj3oItkf2SZXCeqQYEK%2F0%2BkDqqEsS8k9ZJI676NMkYXICTozjtj6sZc0dkqS1MO6PK0fugVnDFo6DJRcf1aBZW4EnOVizNGK4YQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
cf-ray
651d31c63e7e4e6d-FRA
expires
Sat, 23 Apr 2022 13:02:10 GMT
dashicons.min.css
fanoticias.com.br/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-includes/css/dashicons.min.css?ver=5.6.4
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.6.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
555310
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe500004e6d9a92b000000001
last-modified
Fri, 16 Apr 2021 01:50:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kt2J1Yi3iEG9OS2Cxt7q22fTwt3T1ndpR3i0X3ZCYI%2BrFNyUHh4htHDTW6jGeUO5kvfvNuHnrggAyGKLQ%2FMNgLLxsZXrHS0MHxNEhb1qzaLvGA5DDh5T%2FPfYepugqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31557600
cf-ray
651d31c63e814e6d-FRA
expires
Fri, 13 May 2022 07:50:26 GMT
autoptimize_single_b8a239f90aad53d7f9e596feb6ae9cb8.css
fanoticias.com.br/wp-content/cache/autoptimize/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_single_b8a239f90aad53d7f9e596feb6ae9cb8.css?ver=1615217124
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb6c47e1fdde051c92fa74b8e674ca28793be2f2ff5f3127f14352039780685

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_single_b8a239f90aad53d7f9e596feb6ae9cb8.css?ver=1615217124
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe500004e6d6d816000000001
last-modified
Mon, 08 Mar 2021 15:25:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H%2Fp5Y2R2o2Merm3byp2CmdWMtuGaXBCvbww%2FxwX0T3Zj1eQQtSkf8bUOK89P0XoTFztFIrTvAi9sIZCvalHa%2B%2BwV5RzOqyCcVNvMqPnKgalU32zIzAi9JubqRiRO2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
cf-ray
651d31c63e824e6d-FRA
expires
Mon, 09 May 2022 09:46:10 GMT
autoptimize_single_1e2e383e39bb6cf1b38fb3c8a9a78ea9.css
fanoticias.com.br/wp-content/cache/autoptimize/css/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_single_1e2e383e39bb6cf1b38fb3c8a9a78ea9.css?ver=1614023792
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c89869a0e6ac8619c81f05c6ad78476145c8e3be8ac08b1ec4d09d5cfb5663

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_single_1e2e383e39bb6cf1b38fb3c8a9a78ea9.css?ver=1614023792
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe700004e6d5903d000000001
last-modified
Mon, 22 Feb 2021 19:56:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lpvWQzXe2FiKMxL2p6%2BDBS9q8A9h5sCQYEBdygt8%2F3WE2heUx0%2Fu55el9%2B6SYpFxmTyzLRVkWxeJ%2BkJ4Q%2BvcRJOGgAMA3QUAf55fUtXAgecInFnaYoncEICIqrvl3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
cf-ray
651d31c63e8c4e6d-FRA
expires
Mon, 09 May 2022 09:46:10 GMT
autoptimize_single_2f2e90029640e7bc01cc6da32689a272.css
fanoticias.com.br/wp-content/cache/autoptimize/css/ 		100 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_single_2f2e90029640e7bc01cc6da32689a272.css?ver=1546861844
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3d445d1c775ee2c89495de105befb26b121f78268b99a714b17905cf61efa1

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_single_2f2e90029640e7bc01cc6da32689a272.css?ver=1546861844
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe700004e6d9e3c9000000001
last-modified
Fri, 15 Jan 2021 14:45:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0%2B%2FriudeKb9kfk0BVwTNqEWH%2FvwBqPs5oVB1aTsWvfvHgOLd8boEG2bqqkhhF%2BVSJI9HD7PN00eaNJiLrtI0BJZeTIBCZ7LYU2wNx6OLrAgAGApT3iFGb7R6D93mSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
cf-ray
651d31c63e8e4e6d-FRA
expires
Mon, 09 May 2022 09:46:10 GMT
autoptimize_single_95d696549b1863d0f8781c6eddf7b41d.css
fanoticias.com.br/wp-content/cache/autoptimize/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_single_95d696549b1863d0f8781c6eddf7b41d.css?ver=1614023820
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8bd09375c1603f2ad27edbebb81213cadd916284a0153b9a6ddbda70b7c173

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_single_95d696549b1863d0f8781c6eddf7b41d.css?ver=1614023820
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 22 Feb 2021 19:57:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Qd7ogHTlkTipIZUcVspj%2B2VEC2BJ0bkottjqarBmIAUqKAfYFpSTC8y95k551l4hn1ten91XSjgVmyPGcigpC8ObChHnyPLrTT5en646n6SqQsGvbywid49lCWBVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
651d31c63e924e6d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe700004e6d4b288000000001
expires
Mon, 09 May 2022 12:05:36 GMT
autoptimize_single_11336a7cb940b477b68380b1b557e23d.css
fanoticias.com.br/wp-content/cache/autoptimize/css/ 		3 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_single_11336a7cb940b477b68380b1b557e23d.css?ver=1609174440
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088afe59318aff9a0806ddc7fa7e34df8d698a4b815a9d9aecae08bf6ac34bcf

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_single_11336a7cb940b477b68380b1b557e23d.css?ver=1609174440
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
824990
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe700004e6d4a3e7000000001
last-modified
Fri, 15 Jan 2021 14:45:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t3wXiDuvfVIGcfyTvqujb0Yyn1w5W574T7JVs53YchMjdqZ5gYVA13dM348rm597oX2OtP1ABGbOK6a5jx2j1dzUnn%2B0UO2vZVrd%2FFv1AyJbDlj9IGLJatAJcHBO6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
cf-ray
651d31c63e944e6d-FRA
expires
Fri, 29 Apr 2022 22:55:46 GMT
autoptimize_single_9f41be1a41ea485c4126bed0a2f5a15e.css
fanoticias.com.br/wp-content/cache/autoptimize/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_single_9f41be1a41ea485c4126bed0a2f5a15e.css?ver=1546524866
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2731e8e846dd5b037a2202bc51ba1bce5484b8cd9a587cbb5d95ad3ec21aee7

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_single_9f41be1a41ea485c4126bed0a2f5a15e.css?ver=1546524866
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
824990
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe700004e6d6329c000000001
last-modified
Fri, 15 Jan 2021 14:45:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZlPioN49sOXKgvuqPbXObJiCA4i8BX7f%2B0EhTGorBRJdHD7vzcKrv6N%2FasH%2Bxp7ZD%2F6JcWgjqBpyrAzzIXBbMVEnEWpehpZE2tsKuz1FFfyt227Ol19KC4eQWrtRJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
cf-ray
651d31c63e954e6d-FRA
expires
Fri, 29 Apr 2022 22:55:46 GMT
css
fonts.googleapis.com/ 		42 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Strait%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.4
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
097291912cd948e5080208b8d6bf1017637e73f58e1ad8e91add158a15ce1911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 May 2021 12:05:36 GMT
server
ESF
date
Wed, 19 May 2021 12:05:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 May 2021 12:05:36 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/ 		112 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js?ver=5.6.4
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1180580
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33291
cf-request-id
0a261d6fe700004ea9e91a7000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1be2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RfshAI%2FUdVaXwv0b3DDKFMr%2BuME7rsqOEPrMM87K9Ou9vZ48E0jj6tAML5deAxIva0NPR9KUVPM3znY6R6EgbWtx6u%2BZvKwoL8kgyBYrcYqHmt1u0I886LxeMrPpdyYwkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
651d31c63dc04ea9-FRA
expires
Mon, 09 May 2022 12:05:36 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-123165538-1
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6cd5f6be81d958c7be53e04f15aa5f3fc0a975fcbf2b3c2ff3cb006316e8969b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35703
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:36 GMT
autoptimize_2d9e131344c437ac4e659e289c0daa19.js
fanoticias.com.br/wp-content/cache/autoptimize/js/ 		573 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/cache/autoptimize/js/autoptimize_2d9e131344c437ac4e659e289c0daa19.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf03e24ed6e80a542ebcfa4deaaa304adf64e9c06f3d4fbff5d163583a032e7

Request headers

:path
/wp-content/cache/autoptimize/js/autoptimize_2d9e131344c437ac4e659e289c0daa19.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d6fe800004e6d9919b000000001
last-modified
Fri, 16 Apr 2021 01:50:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EWMRm2AB%2Bor5LgAnQayBFltUiSTbr3UkgxdQ9UW7lBqNtJs76gSAQtvg9e51eIz3ukW56d2yxddsK1EjWYiVIOybWu4WqRD7sFcl8HCP4G8dWUmlZNcK3K0HIU3wvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=30672000,public, immutable
cf-ray
651d31c63e974e6d-FRA
expires
Mon, 09 May 2022 09:46:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8A48 		117 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbbe34dd70398d8f103f7cc2bcde074af967514cc29a07fd1d44aa0cf5a6fd0e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6x46fa1fACFZmZdwodi6IA4A&gqi=EP-kYJDjGveHwuIPmYGYsAE&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6x46fa1fACFZmZdwodi6IA4A&gqi=EP-kYJDjGveHwuIPmYGYsAE&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 May 2021 12:05:36 GMT
server
cafe
content-length
38864
x-xss-protection
0
set-cookie
IDE=AHWqTUm1w00yzKUFLprR4oxhNnKCbHzoYnkruf1IcX4pLJk0JRT0B8zDykInupATbFI; expires=Mon, 13-Jun-2022 12:05:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 12:05:36 GMT
cache-control
private
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/ 		267 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2299171
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d706e00004e55c1135000000001
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xwhnm%2BZZzLtG6K6f0AN27NVzKKIxSrOjmJEqA2l2RjFJ%2BL%2BAh8SGyOy2rpJkq1DQKC3yFxh%2BWD8W2fQcd05MHT5yOAy7bIgOc3QtOhanil2X5iEuLu%2Bopw2WU1VojQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
651d31c7197a4e55-FRA
expires
Thu, 22 Apr 2021 21:56:05 GMT
prebid-v4.38.0.js
assets.vlitag.com/prebid/default/ 		411 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
787218
cf-polished
origSize=421400
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d706e00004e55de3f0000000001
x-robots-tag
noindex, nofollow
last-modified
Mon, 10 May 2021 09:25:11 GMT
server
cloudflare
etag
W/"6098fbf7-66e18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZvMx7WIshxL29Ns6ubgKLe2lRGjwmCQszgDfrY1OT5teFAyRGv5uj%2FdLDa%2FUVT5HvOcoCC2GS4bNXmEItMzLD3LedQLp9AQM%2Ffy%2FF%2FuL5GzmP%2FxNEl05BJq6zIIcEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
651d31c719774e55-FRA
expires
Mon, 10 May 2021 09:55:18 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab70d87e0d9568a827b4e2003b1de9858112f12bfd88f15cf14487d698a23889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"876 / 801 of 1000 / last-modified: 1621422631"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21321
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:36 GMT
viPlayer_v42.min.js
assets.vlitag.com/plugins/vlPlayer/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/vlPlayer/viPlayer_v42.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2300623
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d706d00004e55ef01d000000001
x-robots-tag
noindex, nofollow
last-modified
Thu, 26 Nov 2020 03:46:23 GMT
server
cloudflare
etag
W/"5fbf250f-33d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5uu07d3MvOuzOWcV%2F93ORi8zVnEhmDkadrtzs6UN8%2Bq%2Bv%2B74QGSCS90gjPjSBwGtX%2Bykz3daL0tUEUhu3X6soOIq%2Fezati4v9uDtsfBANN5va0DSx52w8di2cbM4VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
651d31c7196e4e55-FRA
expires
Thu, 22 Apr 2021 21:31:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e37f1a24a682b88f0212e2514f7e4cd3a2601342aaf332de8dc39ef544c44e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117175
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:36 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2300623
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d706d00004e55109c0000000001
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ptYcJcjF9cAHj%2BxOZ2G1T%2FVIsfuiD1OTmRluPh2GoMGOQjMvjjk7dK3Hm3cGV6%2Ffqcj1Z20Tc%2FGvgx4yWeEn8ToH6%2B%2BHtIPsNSjTC8WAH3j3e4I%2Bni9XwFJlIFoKUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
651d31c719744e55-FRA
expires
Thu, 22 Apr 2021 21:31:53 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee48b40f66332ec2d71d33eb87e1774fbd991ef4c0ccccfff1f2797665fbd5a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
fanoticias.com.br
widget.twnmm.com/en_ca/90761/bres0011/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.twnmm.com/en_ca/90761/bres0011/fanoticias.com.br
Requested by
Host: widget.twnmm.com
URL: https://widget.twnmm.com/js/btn/pelm.js?orig=en_ca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b7::3015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cc18bde3e6c6fba7d105e1f56cb62a9107851cea097c2b06e94814eb8b75d5d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
Strict-Transport-Security max-age=0;

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl
-769.487
strict-transport-security
max-age=0;
content-encoding
gzip
x-var5-grace
none
x-vcl-recv
set
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-url
/en_ca/90761/bres0011/fanoticias.com.br
x-ua-device
desktop
x-iscached
HIT
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=60, origin; dur=96
content-length
671
x-ua-compatible
IE=Edge,chrome=1
x-vcl-hit
set
x-vcl-hash
/en_ca/90761/bres0011/fanoticias.com.br
x-vcl-miss
set
server
nginx/1.18.0
date
Wed, 19 May 2021 12:05:36 GMT
vary
Accept-Encoding
x-varnish
198345431, 326412722 306172115
access-control-allow-origin
*
cache-control
public, max-age=878
content-security-policy
frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-varnish5-iscached
MISS
expires
Wed, 19 May 2021 12:20:14 GMT
impl.20210504-14_b1-PR-35879-DEV-89971-floc-rbox-side-4a581a89254-SNAPSHOT.js
cdn.taboola.com/libtrc/ 		483 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210504-14_b1-PR-35879-DEV-89971-floc-rbox-side-4a581a89254-SNAPSHOT.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fanoticias-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4a1c38f6eab1e438eaf21766b57f24a85cf6df86976835a0131e19734b0d7e75

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7TJMYEct58se9EL16d8u1JCfaiIgbJOC
content-encoding
br
etag
"1c0c1dc04050b049a12f77a169a45ae4"
age
10558
x-cache
HIT
content-length
113530
x-amz-id-2
64VH21jCY0yOyF7/cyZTFBl73nHbwxNgO+LSNEhbbkQ0FCXE85/x78O9EyJkSbj0hz2cbjM0BD4=
x-served-by
cache-hhn11562-HHN
last-modified
Tue, 04 May 2021 16:41:39 GMT
server
AmazonS3-br
x-timer
S1621425937.552763,VS0,VE0
date
Wed, 19 May 2021 12:05:36 GMT
vary
Accept-Encoding
x-amz-request-id
VTNR07M1EM3QY5K4
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
27
x-cache-hits
1401
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/fanoticias-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-123.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 11:36:45 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1731
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
JBjrOgwt6njy7B0AmHWAvflBhmyy5TzA2V0I7h_dL6kFmiP2obwuqQ==
tr5
cdn.taboola.com/libtrc/ 		3 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=floc_var
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1621425937.553882,VS0,VE0
x-served-by
cache-hhn11562-HHN
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dc1064937dcaf06127773791513ab955c36f8ccf193e30d396d952e5d886e8a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2379a3ca941a276fb7d70b444aeb951d937949b5e4a646ee6c0d29e8d5c8478

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8f8a5242aff9d5de377d6ca48d8d2e247a9349d00d20796a4b75476a6219cf9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl_2021051301.js
securepubads.g.doubleclick.net/gpt/ 		306 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 08:39:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110161
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:36 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f84424b8104a7304c4aa1d0709ed7fbefb8080ae51d58cc56ce671f191dfbc84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OqVsECWN/bz5zhIPGYGW/A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
w0kbl4tlE/2/EiRPr9TyWk9M04h2RZeuez3RPPCttWHThSycQU6Geh0QCl8uTm7ezT2fWb2K8nCEYS3U/h7s9A==
x-fb-trip-id
1709462857
x-fb-content-md5
9cdccd17b472e76c02be04c27434d2e5
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 19 May 2021 12:05:36 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4fab2b7053f1e50aab114a56e2324935"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 19 May 2021 12:17:07 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Strait%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fanoticias.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
age
505289
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:07 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Strait%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fanoticias.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
505807
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Strait%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fanoticias.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
555724
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 13 May 2022 01:43:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Strait%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fanoticias.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 00:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
129205
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 18 May 2022 00:12:11 GMT
container_5nW1GptD.js
tagmanager.alright.network/manager/js/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagmanager.alright.network/manager/js/container_5nW1GptD.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.242.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-242-109.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a5ac676188c3dabe890da781ad329424f4ee810c662bbe3c124e6fbc4d0d223

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 11:59:35 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 12:28:01 GMT
server
AmazonS3
age
362
etag
W/"e92608174906d923ca11f855918e871c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
N1HKjF5PmjEwIuVGzUp6UIap4p0Nobe-6vW239LEUIWneH4mZc6TOQ==
a11fe4b0570b0e1721f1546caf5968d1.min.js
clevernt.com/scripts/ 		120 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clevernt.com/scripts/a11fe4b0570b0e1721f1546caf5968d1.min.js?20210413=1621425936822
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a9a61bb2ac12c4130402b87a346b73573adcf7347a8f834d70ba1a2e869a78

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2379
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HD6QA6RX5J2A6Q0G
x-amz-id-2
gYSg9q1qEeVQBClpUzrf+iKwca7mIC7wOy0oTrhBQDLqlYQ9FA+5mnSQYUKd3e4JUpCKC+2ZaPo=
last-modified
Wed, 19 May 2021 10:38:06 GMT
server
cloudflare
etag
W/"95eec4a76537e3fd307f4d648021ac48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZeMhKcTa11rOA6WG6wvXUynYCRhtZp0rQG9TbggW0ka33Ylq7NA2JlWmr9DAEUzj0XpOICK%2BN6Jt%2BLOCWJ6hvHxhzM6exBlbJdrYEhyV6U%2BZ0Gfxs%2FCWRBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-request-id
0a261d71d000004ece6b853000000001
cf-ray
651d31c94dbd4ece-FRA
gblcdnp.js
data.gblcdn.com/data/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.gblcdn.com/data/gblcdnp.js?pubid=6818bcf0-1b47-11ea-96b7-ad343d73332a&pid=vtxemfzfdldsc&renderD=0&limitT=0&limitH=24&t=i&_time=1575981348
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:5b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e164b18bde0c8cb2d5b27728b03406fccd9e02b6a8ea597f726d003b6db7eb2f

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:36 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
416913
x-amz-server-side-encryption
AES256
cf-ray
651d31c99c4fc2d1-FRA
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d72040000c2d1f02ea000000001
last-modified
Thu, 22 Apr 2021 09:46:57 GMT
server
cloudflare
etag
W/"6f4889f8e38ca8e79c6ad96629f9b993"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7CCcapR1qH72iDKwVH6WO9YpZMG%2BRZOM6Vvf%2BS4qOuNG2%2FzvgbDmYfEyTbBcd1229CdOB4HUVpGQedBK7iNbZxbAFGLWOWOm0QQ3vT3xjk53P8YocAO0fyjBxh0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
i7FS0r24406nbHTvV0PWOTDNeiE7cSM3
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
Ft86ysalqyyv3qPBkwO44dnRfpY3QaXkfrlPjuVACaT7xbTsG4loWg==
cf-bgj
minify
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210519
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d6377be8991156843f8b21169d53e6c5fa2250e478cc5e8c7016311cae134b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
24311
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
949
etag
W/"6a2-oDCpX//Hj6X6xkNDdoWOonBXtUY"
x-served-by
cache-fra19176-FRA, cache-hhn4067-HHN
date
Wed, 19 May 2021 12:05:37 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
logs.vlitag.com/sub/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.vlitag.com/sub/?d=fanoticias.com.br&h=fanoticias.com.br
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QCu09Fp%2FuevH33fcR3Gfb8OMY5%2BKHB%2FdxIBQqPTq6yIXPXhmkUCAOgcJ5Zdy9iwAFGoz%2BR%2FTuh24K9UVQDjt6W3MmQdd5QB26VU2XAAmdxJ3Lfw94UReVsnWWgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
651d31cafc614e55-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a261d72d900004e550b37c000000001
logo.svg
widget.twnmm.com/images/twn/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.twnmm.com/images/twn/logo.svg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b7::3015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3b0ae1b4de4e1a3990ef190912ed901c3aaccf5b28ed989d2dbb530f78d9ae7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
Strict-Transport-Security max-age=0;

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl
-13985.046
strict-transport-security
max-age=0;
content-encoding
gzip
etag
W/"221a-5af5ec0758d9c-gzip"
x-var5-grace
none
x-vcl-recv
set
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-url
/images/twn/logo.svg
x-ua-device
desktop
x-iscached
MISS
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3230
x-ua-compatible
IE=Edge,chrome=1
x-vcl-hit
set
x-vcl-hash
/images/twn/logo.svg
x-vcl-miss
set
last-modified
Tue, 15 Sep 2020 18:59:34 GMT
server
nginx/1.18.0
date
Wed, 19 May 2021 12:05:37 GMT
vary
Accept-Encoding
x-varnish
446160554, 233779030
cache-control
public, max-age=432000
content-security-policy
frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
accept-ranges
bytes
content-type
image/svg+xml
x-varnish5-iscached
MISS
expires
Mon, 24 May 2021 12:05:37 GMT
1.png
widget.twnmm.com/images/icons/wxicons_small/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.twnmm.com/images/icons/wxicons_small/1.png
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b7::3015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ed272112903352b6bac93cc709a621260da791c301dd1eef6329e746f4bc4a73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
Strict-Transport-Security max-age=0;

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl
strict-transport-security
max-age=0;
etag
"748-5af5ebe80f63b"
x-var5-grace
none
x-vcl-recv
set
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-url
/images/icons/wxicons_small/1.png
x-ua-device
desktop
x-iscached
MISS
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
1864
x-ua-compatible
IE=Edge,chrome=1
x-vcl-hit
x-vcl-hash
/images/icons/wxicons_small/1.png
x-vcl-miss
set
last-modified
Tue, 15 Sep 2020 18:59:01 GMT
server
nginx/1.18.0
date
Wed, 19 May 2021 12:05:37 GMT
x-varnish
4201984, 401705
cache-control
max-age=432000, s-maxage=600
content-security-policy
frame-ancestors 'self' http://www.farmzone.com https://www.farmzone.com http://www.zoneverte.com https://www.zoneverte.com http://widget.twnmm.com https://widget.twnmm.com https://s1.twnmm.com http://beta.theweathernetwork.com https://beta.theweathernetwork.com http://beta.meteomedia.com https://beta.meteomedia.com http://*.theweathernetwork.com https://*.theweathernetwork.com http://*.meteomedia.com https://*.meteomedia.com https://www.flonase.ca
accept-ranges
bytes
content-type
image/png
x-varnish5-iscached
MISS
expires
Mon, 24 May 2021 12:05:37 GMT
1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
487356
cf-polished
qual=85, origFmt=jpeg, origSize=151033
content-disposition
inline; filename="1572962870.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109336
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:50 GMT
server
cloudflare
etag
"5dc18236-24df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Or9rSZw2Wvmx76jWdVpM3bQbVyYiusBJaXBpg%2F8KG16f1XhftXsH%2BLYkjw97i8S3DSkCWWuc2PwDyo2FrTVVy2JEti2eywORixuW3G13IhlZdTxn%2B5GUjSi5vo6pWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 13 May 2021 21:13:01 GMT
cache-control
max-age=16070400
cf-request-id
0a261d732a000063fb15816000000001
accept-ranges
bytes
cf-ray
651d31cb7e7663fb-FRA
cf-bgj
imgq:85,h2pri
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1621425937418&ns_c=UTF-8&cv=3.5&c8=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20do...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621425937418&ns_c=UTF-8&cv=3.5&c8=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20d...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621425937418&ns_c=UTF-8&cv=3.5&c8=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20do%20ES&c7=https%3A%2F%2Ffanoticias.com.br%2F&c9=
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-123.fra53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
-VfajWeKREY-4xwM7R502bjX39QRx0dEFsWG1VcguvZm5gvOdRUE6w==

Redirect headers

date
Wed, 19 May 2021 12:05:37 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621425937418&ns_c=UTF-8&cv=3.5&c8=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20do%20ES&c7=https%3A%2F%2Ffanoticias.com.br%2F&c9=
content-length
267
x-amz-cf-id
i8x-gv_h93RBXl69xV98rRkNb3uwVLb-Gw6W9Vkoa6l72F6a3DO64w==
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
loadingAnimation.gif
fanoticias.com.br/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

:path
/wp-includes/js/thickbox/loadingAnimation.gif
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2048370
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15238
cf-request-id
0a261d745a00004e6d9a08f000000001
last-modified
Tue, 06 Nov 2012 02:00:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C0PfslJe1zlgeuNTYi%2Bz3UldXrHMhpXmKtCV8mEzCl9ZSDSkAsM0ehxr6ga3vmPS1hL92zny6%2F2fxzzarvo2AXkRwjFL43Y210J%2BfIZ2FhB9aRr%2BVRV08QwGUacm%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31cd5bed4e6d-FRA
expires
Tue, 26 Apr 2022 01:06:07 GMT
eicons.woff2
fanoticias.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fanoticias.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?3.8.0
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4fbf935c85cbd4761e6f097bc8b518fe2f7bb81964a74ff4fb43d5c6ccb174

Request headers

sec-fetch-mode
cors
origin
https://fanoticias.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
:path
/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?3.8.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://fanoticias.com.br
Referer
https://fanoticias.com.br/wp-content/cache/autoptimize/css/autoptimize_f8aa9de89e1d37d6b190ae2bf1d9fc8e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1846138
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56760
cf-request-id
0a261d748200004e6d7d85e000000001
last-modified
Mon, 26 Nov 2018 14:34:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oHSuZCsLZGhJZKAOZEl0oKPQTi7HQ%2F3UKLQbfw4ReD0jvOJ0Gw%2FlM6VZx708fmGbHIP0GBa0FW6l6hgeEqZLucpQ1%2FDncXnnlAscDx6Yo8SCIr8X1%2BJvJsPBDztd%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31cd9cae4e6d-FRA
expires
Thu, 28 Apr 2022 09:16:39 GMT
logo_oficial.png
fanoticias.com.br/wp-content/uploads/2020/12/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2020/12/logo_oficial.png
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc8c0ad14ee6a96b21b078a0f679e255a761799e500d2c207f63907c93eb808

Request headers

:path
/wp-content/uploads/2020/12/logo_oficial.png
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
68573
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
69279
cf-request-id
0a261d752500004e6d811a4000000001
last-modified
Tue, 01 Dec 2020 12:12:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rFMhTiQh3vRqhry5eIDGU9ddZv0AEFKFbZceChjm3lvcqNet6ps%2Bpi77q0EYcXFmxLyoMTCUVGHvmK%2FsQtVNvGpdvud3%2BRiP63naR1qMVVhIZyu1Xx8Sqwqpz654cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ceaf674e6d-FRA
expires
Wed, 18 May 2022 23:02:44 GMT
1000x100.jpg
fanoticias.com.br/wp-content/uploads/2021/02/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/02/1000x100.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb37cd504679e0fc84cc45016785ab137ea988b75aa66e613a6464ea92c8cfd6

Request headers

:path
/wp-content/uploads/2021/02/1000x100.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2048371
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
135960
cf-request-id
0a261d752500004e6d8dba3000000001
last-modified
Tue, 09 Feb 2021 12:33:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TydrvgQo4YM3GxGZ%2Bwm8N6%2BKRNW56qDKjn23ttOT3cw0G%2Bg7zB%2FDGmCMVZGsW2nHTwkExyzowKGZN4u3cE0BhJ3rjOqAXbvcxgxdsyOtWVGJJES14xk6qF2hANHz6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ceaf6c4e6d-FRA
expires
Tue, 26 Apr 2022 01:06:06 GMT
MAIS-RECENTES-2-1-o5ykeakb8f22ueb96s77g057vmt0853jn4o9wat71y.png
fanoticias.com.br/wp-content/uploads/elementor/thumbs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/elementor/thumbs/MAIS-RECENTES-2-1-o5ykeakb8f22ueb96s77g057vmt0853jn4o9wat71y.png
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9c1bdd9a67ad5c9b44cb2b0905eab71f1c2d5f86714986df0b029b366eee6c

Request headers

:path
/wp-content/uploads/elementor/thumbs/MAIS-RECENTES-2-1-o5ykeakb8f22ueb96s77g057vmt0853jn4o9wat71y.png
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
78020
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2653
cf-request-id
0a261d752500004e6d9a9ba000000001
last-modified
Tue, 21 May 2019 02:27:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A18KwSoYe5lJr5FYhkije3IlOw6SNnzcNUq3kptLB64T9KkvW23XHCfPKhZ0mswc%2B44CU3jVS2OWhTvQssRYS7ztFAnhMObPUZNj8L2lFc0%2B9uw62epM55xmMF2gxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ceaf6d4e6d-FRA
expires
Wed, 18 May 2022 20:25:17 GMT
thumbnail-for-380368-300x150.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380368-300x150.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b38243694b8be1e3b1d708f9acfd713239bb31d8f0bb8984ca24ab9d659abf

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380368-300x150.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10027
cf-request-id
0a261d752600004e6d590c1000000001
last-modified
Wed, 19 May 2021 11:55:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nAqj0gRwE1dzDXDTkHSRMLcsL%2Bz4H%2BR0hqvCgjkASLPTyQTzB4BRwShKQfryVgMA74lbTbJ6x1SnpOxL0y7aXV7dV6jLwRbj2E7X3RqZEi3RWIFOUWUQq7LsGVAzDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ceaf714e6d-FRA
expires
Thu, 19 May 2022 18:05:37 GMT
thumbnail-for-380366-300x169.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380366-300x169.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc821b1c32c25f720eff3c45a5a68fcf0db58914017a17b7bec1d06c2a913ca

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380366-300x169.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11736
cf-request-id
0a261d752600004e6d4d13a000000001
last-modified
Wed, 19 May 2021 11:55:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9bf5utkYlR9sYc7X18lsFkDEARfLBTF6KtOr2o7NzZn7D7d33nf8vDWPBwf%2B0CeFWcOnDDoRIuPEcUmpA5mE%2BDufgwhnmJT3mNhA7KTBDzRozWPl94RIG0muCZS4qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ceaf724e6d-FRA
expires
Thu, 19 May 2022 18:05:37 GMT
praia-da-ilha-de-guriri-90887-article-e1589486173614.jpg
fanoticias.com.br/wp-content/uploads/2020/04/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2020/04/praia-da-ilha-de-guriri-90887-article-e1589486173614.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3005a31708b975eae355bbeab662ab86421031c33ee5c08447c7eff8455e9f1f

Request headers

:path
/wp-content/uploads/2020/04/praia-da-ilha-de-guriri-90887-article-e1589486173614.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
45462
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44372
cf-request-id
0a261d752600004e6d7c8e4000000001
last-modified
Thu, 14 May 2020 19:56:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jHyQ3edFNR61ynbhLRzUsMMFivufuMDIhxOJ8CPQwpLA3TAkAtGi8eJOe52O01F2RAOX35LeyZ8Yt2jCC5lKRU74d76uk8AFo6l2%2Bd4DOlt5eqwF8Q3uiK4vCZr%2FlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ceaf744e6d-FRA
expires
Thu, 19 May 2022 05:27:55 GMT
thumbnail-for-380288.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		581 KB
582 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380288.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9306496bf58d656b69646c17aaeb52bbb0dc619ee68c47c9735a8f336ad5fc72

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380288.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
38549
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
594487
cf-request-id
0a261d752700004e6d5487d000000001
last-modified
Wed, 19 May 2021 01:20:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GLCYmMC4%2BdArU0rU0WbbL7ssZEdK%2FSpsw1c74KNoytAaD%2Fp12cAqNb2vQuigAH80Kf6jOaZ9%2FgfNey2xMhzEKtZk5u4ok6nFP9EHd289UYT3T6PgfYoPr4oVnBBRIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ceaf764e6d-FRA
expires
Thu, 19 May 2022 07:23:08 GMT
videoplayback
r4---sn-4g5ednss.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=HhZDAZTz3rk&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1621435972&ei=5NGkYLWpHc2Z8gOupKDgCQ&ip=5.181.168.41&id=o-AAf2_pKqnSgLTErYsuyKb2NiNaGXQjAFwPkNB3qofGIl&itag=22&source=youtube&requiressl=yes&...
  • https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1621435972&ei=5NGkYLWpHc2Z8gOupKDgCQ&ip=5.181.168.41&id=o-AAf2_pKqnSgLTErYsuyKb2NiNaGXQjAFwPkNB3qofGIl&itag=22&source=youtube&requiress...
320 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1621435972&ei=5NGkYLWpHc2Z8gOupKDgCQ&ip=5.181.168.41&id=o-AAf2_pKqnSgLTErYsuyKb2NiNaGXQjAFwPkNB3qofGIl&itag=22&source=youtube&requiressl=yes&pcm2=yes&vprv=1&mime=video%2Fmp4&ns=ENlCYtrevoOsBU-8ZTVlVTIF&ratebypass=yes&dur=194.258&lmt=1550834785924815&fexp=24001373%2C24007246&c=WEB&txp=2216222&n=4RetVQNamTi3EIpyP&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKrpeRdwk6hFwfYgcO-LUFRTncTGPAYhvZN3RepvzV4lAiEA5Uha6UDjHsWW8DhnJw_g8yi7GGF0n7dIO8iY57vI8RQ%3D&cms_redirect=yes&mh=nd&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednss&ms=au&mt=1621425660&mv=m&mvi=4&pl=47&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAI6qUc6s3PDSMHnYQTYF7-iVeH0K2Zu761C0vD52kPmbAiEAthvF607rDPU6FQnfb-GI7x-L8kTRDgDf5bBaZF8Gn5Y%3D
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6b::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Feb 2019 11:26:25 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-40246877/40246878
client-protocol
quic
cache-control
private, max-age=9734
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
40246878
expires
Wed, 19 May 2021 12:05:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:38 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-4g5ednss.googlevideo.com/videoplayback?expire=1621435972&ei=5NGkYLWpHc2Z8gOupKDgCQ&ip=5.181.168.41&id=o-AAf2_pKqnSgLTErYsuyKb2NiNaGXQjAFwPkNB3qofGIl&itag=22&source=youtube&requiressl=yes&pcm2=yes&vprv=1&mime=video%2Fmp4&ns=ENlCYtrevoOsBU-8ZTVlVTIF&ratebypass=yes&dur=194.258&lmt=1550834785924815&fexp=24001373%2C24007246&c=WEB&txp=2216222&n=4RetVQNamTi3EIpyP&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cvprv%2Cmime%2Cns%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKrpeRdwk6hFwfYgcO-LUFRTncTGPAYhvZN3RepvzV4lAiEA5Uha6UDjHsWW8DhnJw_g8yi7GGF0n7dIO8iY57vI8RQ%3D&cms_redirect=yes&mh=nd&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednss&ms=au&mt=1621425660&mv=m&mvi=4&pl=47&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAI6qUc6s3PDSMHnYQTYF7-iVeH0K2Zu761C0vD52kPmbAiEAthvF607rDPU6FQnfb-GI7x-L8kTRDgDf5bBaZF8Gn5Y%3D
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1169
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123165538-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2141
date
Wed, 19 May 2021 11:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 19 May 2021 13:29:56 GMT
sdk.js
connect.facebook.net/pt_BR/ 		213 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=945395df5ce573f04dd8ac63522ad85f&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fb705fdef3a8d1c5f2619dad9356270f039c8f35861899bf7996701f950a90e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://fanoticias.com.br
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
w+SDWbN1/to6g6ZmeismCg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
64599
x-fb-rlafr
0
x-fb-debug
YioRVa+yNa8Fn+EFZIeB3GGNeB4SEJceDeB4ApyII1LYesfNbhIpzcqRbA2zhMFgLic6Jq5mKJPgq7ygCewNgA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d1e457e9d4a2f9814bf8f41df8a46439
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 19 May 2021 12:05:37 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"5fd3c42e05bd65ab81f3572e621bb375"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 19 May 2022 11:12:28 GMT
docallbackinfoae99483d522c4253aef65da010dd5319.js
ui.clevernt.com/ 		695 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.clevernt.com/docallbackinfoae99483d522c4253aef65da010dd5319.js
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
host-109.clevernetwork.pt
Software
nginx /
Resource Hash
7c15e1be5a52da7143f66c90f1fbec57311b424213d7f5817787886d121be607
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
cache
date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=15768000
expires
Wed, 19 May 2021 13:05:38 GMT
thumbnail-for-380364-300x200.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380364-300x200.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da03e2eee9c1824cb4fe74d566765da5539eca8eff043474c95792ea972cf49

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380364-300x200.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35588
cf-request-id
0a261d760100004e6d6e1fd000000001
last-modified
Wed, 19 May 2021 11:55:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ntWhEEf9%2B317oqU6UOwX8RXmRXaVE%2FfAnY61xXKjR78LFouwN5XooNeh8m1Qf1BkozZawrmgqYnHVT%2FN5XG%2FYCoVAtfMEV1etDkfvbtLwhinSZHVsIpm0z4PUW6Opg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d00ad44e6d-FRA
expires
Thu, 19 May 2022 18:05:38 GMT
thumbnail-for-380168.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/18/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/18/thumbnail-for-380168.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae819b1c23dcde756f190f8e02b3327d347481f48bc916e45a726ccfa199ab71

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/18/thumbnail-for-380168.jpg
pragma
no-cache
cookie
__vliIPL={"value":["2a01:4f8:192:5414::2"],"expiredAt":1621433136459}; __gads=ID=76a7aa740ca683dc-22c6da0b46c800b3:T=1621425936:RT=1621425936:S=ALNI_MbI96-HHq-K63ltctcRmA2sqq4meQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8364
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
174321
cf-request-id
0a261d760100004e6d590d8000000001
last-modified
Tue, 18 May 2021 20:50:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LiMRI935XWMcMr4LXyPrgg1G9BQ7dVj%2FbE6bVuyQVLe%2B7D5wRJEm6MqVN2sO%2FVp%2BMHehQQVdz9MX4c4DeQMTl7J%2BT80gEVkAEG%2FuLUtU1BQ5%2Bvo6WIUn3ESJkquTdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d00ad84e6d-FRA
expires
Thu, 19 May 2022 15:46:13 GMT
p
server.gblcdn.com/pool/ 		166 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://server.gblcdn.com/pool/p?pubid=6818bcf0-1b47-11ea-96b7-ad343d73332a&l=1&mck_o=&mck_b=&mck_c=&mck_ov=&mck_bv=&t=i&mt=b&dco=0&fq=&fqc=&wh=fanoticias.com.br&w=300&h=250
Requested by
Host: data.gblcdn.com
URL: https://data.gblcdn.com/data/gblcdnp.js?pubid=6818bcf0-1b47-11ea-96b7-ad343d73332a&pid=vtxemfzfdldsc&renderD=0&limitT=0&limitH=24&t=i&_time=1575981348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:5b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97760daee121e195a484cd4b8625c46c217fe4939f1e552b640a37cbe1908d9e

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q3qVwqK7KqqXYnH1CDEFV4ZilUvg2bv0LghmYqeTa6mnAI8aqudV5NvN0HFE1OFPKnoENPTWLWaRnGzQxi%2Fltznr%2BQTqzniRtBpg9Zq%2FS6IHcJPLR0GcwXMZe779Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://fanoticias.com.br
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
cf-ray
651d31d0d925647f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d76880000647f91bb6000000001
prebid_alright.js
cdn.a-latam.com/ 		305 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.a-latam.com/prebid_alright.js
Requested by
Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_5nW1GptD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:ae4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad346d3ec39d7709cc170da7b5df6f0ed2f17c9589653f2320f0cf7b0936c094

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2504
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ETWF1KX1DR5HHXRQ
x-amz-id-2
unJzjHWi2Nx8zEd4k4ZsfYffbnIsK4YUPiivXL86lJPpStPEdOlAxHizS4Vf6QCXDDgMRaJi5cw=
last-modified
Tue, 23 Feb 2021 20:03:09 GMT
server
cloudflare
etag
W/"cf84cfd284cdbc421158e00fe081a1b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O4Of0OgrREGcTjpBBJSJbl5NV7tFf3SREYxWiX0VHN97ToCwy77sz%2BD%2BHJGtd14RviOGVUcvQ02nKFpjFNPiQjhmIpLBLH1Ilcf9AGttosobw2OMMSMbSmwBEvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-request-id
0a261d768f0000062d440b5000000001
cf-ray
651d31d0de5c062d-FRA
matomo.php
analytics.alright.network/manager/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.alright.network/manager/matomo.php?action_name=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20do%20ES&idsite=5&rec=1&r=624175&h=14&m=5&s=37&url=https%3A%2F%2Ffanoticias.com.br%2F&_id=6f331deb89103036&_idts=1621425938&_idvc=1&_idn=0&_refts=0&_viewts=1621425938&send_image=1&cookie=1&res=1600x1200&gt_ms=580&pv_id=Ynt9YC
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.165.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-165-14.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cache-control
no-store
server
nginx/1.16.1
content-encoding
none
content-length
43
content-type
image/gif
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 7D8D 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 01:32:03 GMT
x-content-type-options
nosniff
server
cafe
age
38015
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Thu, 20 May 2021 01:32:03 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 8A48 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 01:32:03 GMT
x-content-type-options
nosniff
server
cafe
age
38015
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Thu, 20 May 2021 01:32:03 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 8819 		79 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a979f9f9c8408f52c9390b1533ef41ca0e8f2541b02abdb56bf7386475a4a0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/15114128110379568047/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sun, 16 May 2021 22:04:49 GMT
expires
Mon, 16 May 2022 22:04:49 GMT
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
18019
age
223249
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 24C5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQ-z_EP-kYJu4FZLC3gPIlKrQDJmlto5iv6nH6_sMkffH94MCEAEg4vXMQGCVAqAB5rC9vwPIAQmpAl4VUHf_iLQ-qAMByANIqgTCAU_Q15I57TKjjgN-QQzwS7Irj14KJ3H3i-7ZzeFtFO46AkqVkgE-Th_-IhQIhwV3iOXJ697G6GJTLFAUN2pNRQMM8dsTvCT09NGtZBHlaSA6dxCuRFtoCCBwoeHAWMzYvWLwUtQHoV-NDpjDm8AU8J9EhjR3KP5gcos39UXhs2mEzHLSB7MvUaU6AqwiVS5hfMS8DgL6ngaqqn-HNv0PZ4tDKrBspDCUyl6ZUOEEO06UFpg8bkFVoUplNN4fRyhLLq0YwASp3q_EwQOSBQQIBBgBkgUECAUYBKAGLoAHgs_CQKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDG1V_SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMTY3ODQ5MDM3OTY3OTE4OQ&sigh=Rmxcuwoh7Xg&template_id=419
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 19 May 2021 12:05:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:38 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 24C5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 11:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7009
x-xss-protection
0
server
cafe
etag
607056201285360291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 11:59:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 24C5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 12:00:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 24C5 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 24C5 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 12:01:19 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 189D 		79 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a979f9f9c8408f52c9390b1533ef41ca0e8f2541b02abdb56bf7386475a4a0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/15114128110379568047/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sun, 16 May 2021 22:04:49 GMT
expires
Mon, 16 May 2022 22:04:49 GMT
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
18019
age
223249
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 820A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8RpwEP-kYI7pG5mz3gOLxYKADpmlto5iv6nH6_sMloLNhYgWEAEg4vXMQGCVAqAB5rC9vwPIAQmpAl4VUHf_iLQ-qAMByANIqgS8AU_QxqTMUwqwEz9l2qXVRHKywElTncSOBG4CvZUW_4pAHzYXPuNGmbaUZvF7sbnzBD_WtRrUuWCxIG_JVP9dhvhi6WP9LL1m1vboqba41LWEb0A3GHoV9AaLgNUqbPjbuOrCxoPxK1L2J4uH8mXIpG6JIiwXext_1N353gMoQh2ISa3iydt5upyiB7vDfbSXk54qYKfcMC6iPCm_CrDJXMzA570qiVMo4DxuZ0i3eMx5zpZi5GsUthneD_TTwASp3q_EwQOSBQQIBBgBkgUECAUYBKAGLoAHgs_CQKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCmrxPSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMTY3ODQ5MDM3OTY3OTE4OQ&sigh=kNNMHuFairk&template_id=419
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 19 May 2021 12:05:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:38 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 820A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 11:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7009
x-xss-protection
0
server
cafe
etag
607056201285360291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 11:59:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 820A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 12:00:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 820A 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 820A 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 12:02:53 GMT
l
www.google.com/ads/measurement/ Frame 820A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRipHwAowGLXvPATa9MOXC-e3IwT3P-6_SNoUoIHpWLWZrS1pJn2MfrdyhVqqjFHfw5Siw_l9kdTOhXFjrSnAtkyXPbKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		2 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=942141663&t=pageview&_s=1&dl=https%3A%2F%2Ffanoticias.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20%E2%80%93%20FA%20NOT%C3%8DCIAS%20-%20Not%C3%ADcias%20de%20S%C3%A3o%20Mateus%20e%20Norte%20do%20ES&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1069032874&gjid=1096999935&cid=959573116.1621425936&tid=UA-123165538-1&_gid=225155915.1621425938&_r=1&gtm=2ou5c1&z=1504461927
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fanoticias.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
thumbnail-for-380362-300x188.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380362-300x188.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad8d35c6c1b215f2c322830a593b402bebeb4d7d960ae0c251b1495e684b48e

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380362-300x188.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8521
cf-request-id
0a261d778400004e6d519d4000000001
last-modified
Wed, 19 May 2021 11:55:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mpv36ogSNemyDCF7ZKvZMjDOUYJyNzPwtLtILMGEjWspLRdOqvdsFnc%2FVFEIAkoM2L7q3qGTHHntK0AIhdAm6t%2FVt0yXbzq0NHiuASpKpHFb3W5TnfIinEtIcoudZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d2698f4e6d-FRA
expires
Thu, 19 May 2022 18:05:38 GMT
thumbnail-for-380360-300x169.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380360-300x169.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473814c52cc6b89518197a7d3d1bdb0f4fcbb51de675de9354425b2fa0a46d74

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380360-300x169.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6151
cf-request-id
0a261d778600004e6d4ab07000000001
last-modified
Wed, 19 May 2021 11:55:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xi%2BqWySsrYFnAEPdhL3NhbKtxUjk6ztJndRl%2F9%2FiBwKKTbqWIbtAhSmW6cyYM7XGeqmyRuWQcn%2BjHZRf7REVjBqSpj1Lx%2FhprwdGLRalwPck356eiVJppkYXlkZczg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d269934e6d-FRA
expires
Thu, 19 May 2022 18:05:38 GMT
thumbnail-for-380358-300x169.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380358-300x169.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf575c9e9ec4a789a541e5a278fe9a62e5a1f39f8e41126f7466cc24248fddb

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380358-300x169.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14456
cf-request-id
0a261d778400004e6da9333000000001
last-modified
Wed, 19 May 2021 11:20:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wyritgUjYWXiTJ4HcWgyEo1Nm%2BJqNgi3p7HsfhiI24%2Fnc0C01BPWvN%2BWV9ffCmyHaxNkDLJ%2BT%2Bjnk%2BxJQbJ6JvUEEHfbi1hg9zfW%2FumkBngEnNxSfWmy0BdJYL0Gjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d2698e4e6d-FRA
expires
Thu, 19 May 2022 18:05:38 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-123165538-1&cid=959573116.1621425936&jid=1069032874&gjid=1096999935&_gid=225155915.1621425938&_u=YAhAAUAAAAAAAC~&z=1973101846
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 May 2021 12:05:38 GMT
content-type
text/plain
access-control-allow-origin
https://fanoticias.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EA4F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmuvWJFYnmnquvWV3gpqtANgjaqcEjehBVIAij08f6Ply00kEohjxpys0zONtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 19 May 2021 11:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2179
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210519
Requested by
Host: cdn.a-latam.com
URL: https://cdn.a-latam.com/prebid_alright.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d6377be8991156843f8b21169d53e6c5fa2250e478cc5e8c7016311cae134b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
24312
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
949
etag
W/"6a2-oDCpX//Hj6X6xkNDdoWOonBXtUY"
x-served-by
cache-fra19176-FRA, cache-hhn4067-HHN
date
Wed, 19 May 2021 12:05:38 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
truncated
/ Frame 24C5 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0582d27af836625c5871920672243de7d6c844abbfdca6a5724e737af60331d3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame E44F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmuvWJFYnmnquvWV3gpqtANgjaqcEjehBVIAij08f6Ply00kEohjxpys0zONtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 19 May 2021 11:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2179
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 820A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f0f29617ee6bf6f6ee3f130cba5e030cc64ad2bc2bb6029b80220d147a9920e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-123165538-1&cid=959573116.1621425936&jid=1069032874&_u=YAhAAUAAAAAAAC~&z=1508522201
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-123165538-1&cid=959573116.1621425936&jid=1069032874&_u=YAhAAUAAAAAAAC~&z=1508522201
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fanoticias.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fanoticias.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1872 		72 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a173d1d5146e1ec20f72e4a90be0a236e5b5fc87ce8d48cd012f6885fdd18826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmuvWJFYnmnquvWV3gpqtANgjaqcEjehBVIAij08f6Ply00kEohjxpys0zONtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 May 2021 12:05:39 GMT
server
cafe
content-length
25540
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
lp.clevernetwork.pt/bet365/geo/de/grp1/ Frame 8B44
Redirect Chain
  • https://sender.clevernt.com/transporter/37830.php?ppuc=1&ppu=0&id=400126&ref=aHR0cHM6Ly9mYW5vdGljaWFzLmNvbS5ici8%3D&ruri=&r=766860096&tok=55077511905211577055&iv=-1&ctr=DE&sz=1200&wn=&res=1600x1200...
  • https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270bfba45a3e28d621636fd4002d05a899876d3f3146e09846740b9a1947ff84

Request headers

:method
GET
:authority
lp.clevernetwork.pt
:scheme
https
:path
/bet365/geo/de/grp1/?affiliate=365_01004919
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-type
text/html
x-amz-id-2
2D1EgeUQ6aVpa7Y/uDv8t0i+RLVacEZZTaU9gB4Gzc3lr0ijtZ6RT+vi52F6K/YXryon40LjZGQ=
x-amz-request-id
YTVHPPNZRQH7GYK6
last-modified
Thu, 13 May 2021 15:46:43 GMT
cache-control
max-age=1800
cf-cache-status
REVALIDATED
cf-request-id
0a261d7957000005e9e1b2e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MS6ThV9bcuKWCupi2hzxL9a%2FCPqCivGPAR%2FrGp42Q%2FQJ5HV4id1lPB03AXmgMsxTQiygaYt3RkEiG1Hoc6HIzNquEczMUgWEO3RNwHkd4puwjHXOa8AAnPONy6eYA6F7"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
651d31d5587e05e9-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Wed, 19 May 2021 12:05:38 GMT
content-type
text/html; charset=UTF-8
location
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
set-cookie
hstpv4user=eyJJRCI6Ijc1ODE5NjAzd2FuNjBhNGZmMTJhOTg0NyIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMjU1NjAxMTQwNCIsIkxhc3RVcGRhdGUiOjE2MjE0MjU5Mzh9; expires=1652961938; path=/; domain=.clevernt.com; SameSite=None; Secure
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Wed, 19 May 2021 12:05:38 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 820A 		0
58 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6x46fa1fACFZmZdwodi6IA4A&gqi=EP-kYJDjGveHwuIPmYGYsAE&layout=/sadbundle/%24csp%253Der3%24/15114128110379568047/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8819 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 19 May 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8819 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 19 May 2021 23:11:01 GMT
thumbnail-for-380356-300x170.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380356-300x170.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2245f0305b6ce66d66185be518d9ae8e08a9420af659a23e320deac6322bad6

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380356-300x170.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14386
cf-request-id
0a261d78da00004e6d493e2000000001
last-modified
Wed, 19 May 2021 11:20:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pmb0AiVf4PBlFuhCltzO%2FEdC%2FL2RE%2Fg1HNX4Taw4udPqcP2dc6T1LwVVt53wT9KoIaFHUyLXSFuXFyqI1G0ybS7ZxuSHFg744u6VBjCjj5CiA8Dvq34MxBpbCocwiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d49f704e6d-FRA
expires
Thu, 19 May 2022 18:05:38 GMT
WhatsApp-Image-2021-05-17-at-19.19.55-e1621290065498.jpeg
fanoticias.com.br/wp-content/uploads/2021/05/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-17-at-19.19.55-e1621290065498.jpeg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3554551e5cd89de16798cc97d6fb966a819b0d2f49cf861ae1839ea920c0adcb

Request headers

:path
/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-17-at-19.19.55-e1621290065498.jpeg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
135726
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
166174
cf-request-id
0a261d78da00004e6d81213000000001
last-modified
Mon, 17 May 2021 22:21:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BE3tAJs9i6okI%2BJXTNygFwY9QVr1LrWRDNTSuiRrSBkblY9ic0kikozpfPCJehGXuTzZ6%2FCT6PYPqeECeBzrvsRmUhGwAw1jJkWDbk5FNqc05gQ4L6s80AdkMUu9Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d49f734e6d-FRA
expires
Wed, 18 May 2022 04:23:32 GMT
26-03-2021-Mato-Grosso-recebe-mais-549-mil-doses-de-vacinas-Coronavac-e-AstraZeneca-64-scaled-e1621279952215.jpg
fanoticias.com.br/wp-content/uploads/2021/05/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/05/26-03-2021-Mato-Grosso-recebe-mais-549-mil-doses-de-vacinas-Coronavac-e-AstraZeneca-64-scaled-e1621279952215.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc487653e3b7ed08f179320f35aa912a64df7a802e285ed787fc7701df5f0ca

Request headers

:path
/wp-content/uploads/2021/05/26-03-2021-Mato-Grosso-recebe-mais-549-mil-doses-de-vacinas-Coronavac-e-AstraZeneca-64-scaled-e1621279952215.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
145814
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
158652
cf-request-id
0a261d78db00004e6db03be000000001
last-modified
Mon, 17 May 2021 19:32:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m6FLVfMav9Koq1oJMeXwr%2FQWXweW%2BpBV%2BDZpyV7C2qRFvlD5W%2FAMUUSRzomSuBVuELfMIR38jWHweMcmcBz58XAZPaLOYUPkPGr6V6M2SNu9LkuFZBycvqXC49eJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d49f754e6d-FRA
expires
Wed, 18 May 2022 01:35:24 GMT
jovem-cova-rasa-sao-mateus.jpg
fanoticias.com.br/wp-content/uploads/2021/05/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/05/jovem-cova-rasa-sao-mateus.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ae234eeeb10e49b6fd8192b9467f49c0cc2c28501d1676f6444d07d90d2336

Request headers

:path
/wp-content/uploads/2021/05/jovem-cova-rasa-sao-mateus.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58075
cf-request-id
0a261d78dc00004e6d750fa000000001
last-modified
Mon, 17 May 2021 16:42:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a1t0HIRyrz4fhfTaerYeQjaDCqFopsv3%2B9Beo3v5eFVEz1tkQISLXdml2s3vvVQlsN3XJXVysFe6oeQJpf1I6PkemtN2xSMt6NlYI5obi4x8sn1mS4tUZOcZkwfM0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d49f794e6d-FRA
expires
Thu, 19 May 2022 18:05:38 GMT
tiro-12.gif
fanoticias.com.br/wp-content/uploads/2021/03/ 		381 KB
381 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/03/tiro-12.gif
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab1064bf7d9d526d404e73785459e8243b916d06f3b9552d3b34a05f12598b05

Request headers

:path
/wp-content/uploads/2021/03/tiro-12.gif
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
389795
cf-request-id
0a261d78dd00004e6d9a10f000000001
last-modified
Fri, 12 Mar 2021 22:47:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zmBF8qPO9obPALc8qjABE8hnL52hqfR5rDjbPSYUndG7pOHwoeL2SpKMaqmwr9CPglLiBbqQEWarh8fjzIBH9%2FGBPBbPYKuH2O2HTONfGT3rr0yAvbejcBALcZwDJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31d49f864e6d-FRA
expires
Thu, 19 May 2022 18:05:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 189D 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 19 May 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 189D 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 19 May 2021 23:11:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EA4F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=348645041&adf=3886970094&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936164&bpp=15&bdt=314&idt=148&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=o39ADPp2eC&p=https%3A//fanoticias.com.br&dtd=157
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmuvWJFYnmnquvWV3gpqtANgjaqcEjehBVIAij08f6Ply00kEohjxpys0zONtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 May 2021 12:05:38 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 19-May-2021 13:05:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 12:05:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 May 2021 12:05:38 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E44F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1678490379679189&output=html&h=280&slotname=4948242605&adk=4047992378&adf=278450042&pi=t.ma~as.4948242605&w=1120&fwrn=4&fwrnh=100&lmt=1621425936&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936203&bpp=2&bdt=353&idt=173&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=wxIN6XnK3V&p=https%3A//fanoticias.com.br&dtd=222
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmuvWJFYnmnquvWV3gpqtANgjaqcEjehBVIAij08f6Ply00kEohjxpys0zONtU; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 May 2021 12:05:39 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 19-May-2021 13:05:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 12:05:39 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 May 2021 12:05:39 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 8819 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 10:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
7363
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Thu, 19 May 2022 10:02:55 GMT
Element_24.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 8819 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_24.svg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6961a4d4296ec402fe593fad1dc613d2a4afe369e19b245a1139e8addeef035
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4012
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_18.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 8819 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_18.svg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bea8ca18fc59dd9efc69075b87febbe8dfd2a4819e600cd6fd9b5da0df604e44
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_16.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 8819 		246 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_16.svg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d82367742a789f0618bd00083354a3df851fc894683e6a94e41123268ee99254
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_15.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 8819 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_15.svg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbe53fbdf228359ca0cbce287c93bd5d381dc271605ae88635204eec016aa98
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1760
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_19.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 8819 		473 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_19.svg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3fa995039579e0ecb5ee278f9bad4dca2b2f4fa34ddefd7c12e17e14fa018e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_13.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 8819 		10 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_13.svg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e3a2c67fa809ff28e25a52dfa078a0b3bb3f7431a564c64d88f3dd1ee5ca62
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2515
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 189D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 10:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
7363
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Thu, 19 May 2022 10:02:55 GMT
Element_24.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 189D 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_24.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6961a4d4296ec402fe593fad1dc613d2a4afe369e19b245a1139e8addeef035
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4012
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_18.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 189D 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_18.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bea8ca18fc59dd9efc69075b87febbe8dfd2a4819e600cd6fd9b5da0df604e44
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1235
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_16.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 189D 		246 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_16.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d82367742a789f0618bd00083354a3df851fc894683e6a94e41123268ee99254
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_15.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 189D 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_15.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbe53fbdf228359ca0cbce287c93bd5d381dc271605ae88635204eec016aa98
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1760
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_19.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 189D 		473 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_19.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3fa995039579e0ecb5ee278f9bad4dca2b2f4fa34ddefd7c12e17e14fa018e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
Element_13.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/ Frame 189D 		10 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/Element_13.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15114128110379568047/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e3a2c67fa809ff28e25a52dfa078a0b3bb3f7431a564c64d88f3dd1ee5ca62
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
155502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2515
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 11:48:38 GMT
server
sffe
date
Mon, 17 May 2021 16:53:56 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 16:53:56 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fanoticias.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fanoticias.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3086223192182617&correlator=3369236013347550&output=ldjh&impl=fifs&eid=21068031&vrg=2021051301&ptt=17&gdpr=1&sc=1&sfv=1-0-38&ecs=20210519&iu_parts=21830119956%2Cca-pub-9153399113741741-tag&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=siteurl%3Dfanoticias%26sitestructure%3DRON%26pageposition%3Dabovefold%26iabtaxonomy%3DNews%2520and%2520Politics%26adposition%3Dwidescreen&eri=1&cust_params=hb_domain%3Dfanoticias.com.br%26ttLS%3Dna%26ttS%3Dna%26ttT%3Dna%26ttC%3Dna%26ttU%3Dna%26ttCA%3Dna%26ttE%3Dna%26ttA%3Dna%26ttG%3Dna&cookie_enabled=1&bc=31&abxe=1&lmt=1621425938&dt=1621425938919&dlt=1621425935850&idt=2010&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1200&adks=468629310&ucis=1&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffanoticias.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=false&fws=516&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a9f17753317b1c8fcaca26672d6411901c6f9424a3dc59e78c3c4e07d9179990
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8140
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fanoticias.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
lp.clevernetwork.pt/bet365/geo/de/grp1/ Frame 8B44 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fc655c4fbe724eb6a21f2eec916c44ce1063336946ab80c3245837eeee4a46

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2798
cf-polished
origSize=13264
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
089J68RW87836QBT
x-amz-id-2
cnjJOlJrceGUcofGgd9kaLyV9IzUMPPOEqy8aFyDpCgw3P7k79sF2txtX6nqchvskGIqzvwSkhs=
last-modified
Thu, 25 Mar 2021 16:22:46 GMT
server
cloudflare
etag
W/"073b2a488822242d9939349f5e73737e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NkZQNhnzEOSgUea5l5SkdSrDEZ3C8ECTS0gGoZDGFLot004gJmCu8ShzMmgEXhnEYbFVt3FxKVlRoZByklHe6IGmkLlI1g42CbJ3t4BU2I3Wnbql7alONGelcdqWtgS1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-request-id
0a261d7a3000002bf67221c000000001
cf-ray
651d31d6bdab2bf6-FRA
cf-bgj
minify
ad.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ad.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2798
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
26AZFKX33WR1B3X4
x-amz-id-2
g9wO4zZjB5HpxaXK0Iph3vcyCRBKq4ljNQiaPI6R0tPSaU9O7Q7QlOHipxFdJY+3g+zpsgPpz5E=
last-modified
Thu, 08 Apr 2021 16:03:25 GMT
server
cloudflare
etag
W/"479e7dbe9215ddc11cd4defff4f3eb85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uBZhLmNlba%2FOLFOMv7k8n9B3ZHmXS48pz1fIGQ2a3xxZ8%2FgJ7keAiyipu8Qr3WMVckwUK8%2Bb5hTv2yNqIbYcr%2FU%2Bc%2B2iozklCO2OkJS4cZvgUA7u755vKaEFRd1ek4VN"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a261d7a3100002bf688260000000001
cf-ray
651d31d6bdad2bf6-FRA
logo.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/logo.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de22e7410801e46a717cbc8e490111cf960a8a979a626eb374a5a87eefe7f7a

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2798
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NHRENR1E20Q1H3NZ
x-amz-id-2
kcQVpFcrZbgxk/kBuHIVW19EF+N9J1IPS2t8RyYlnRn8vwJhDJS4J9HmbiP863FCKMJHAcA1r54=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
W/"7857867938e1f720dc64fd585176f376"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pahGPMTOC9meZKlMhmv3IK5j9TbBmdtwou7yqBdmbQzDOf4TN5yB2RjahlQyqPtDW8UIUpiyt4J1R6G4XlPHTYXiX4N9aeuuu7TkSLtZ%2BVpM%2F%2BvgjyM2UFFud3%2B1%2BFZ0"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a261d7a3000002bf67989d000000001
cf-ray
651d31d6bda82bf6-FRA
copy1-pushmobile.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy1-pushmobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5555ec1375f73bdb2d5df071a8dfb3d54d5f5081b10a5ac573e53fede97aea49

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1325
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DRM0QCEM4H2E29FW
x-amz-id-2
RmNdXT+8JpCi2X1Tc2RN2uqcQhweLeFA/uIdAT149b/5OtO2HHjsITG0cszzmUVJLXumyaZ11ag=
last-modified
Mon, 29 Mar 2021 17:50:45 GMT
server
cloudflare
etag
W/"1d1e3546d5f3b6cbacb6c00058bd9ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eeXac1u3D%2BTzaDQnyPn2rHyahXP6OXL5zTFqtK0MsWw2bUzKUlSBwOP6t9muTJeCfOXFoRxnq%2FuHgjBR0LFkuLcj9k%2BCiPrZTSaQJ0x6gpwH3s8IFk%2B3sQcJmY30PzrQ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a261d7a2f00002bf66bac1000000001
cf-ray
651d31d6bda92bf6-FRA
copy1-pushdown.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy1-pushdown.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6b15645987e1fdcbb99f4bc155dd682c0a9c21d54535b105d0301061274b7

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2796
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DRM6XW6EQJTXYHC7
x-amz-id-2
45r/Eg9o9bftJv0i4u+c3Na8GaJ9Sia41fJBRtnvWjby3E6yyXSpYyDlc6hC35nusPlHUuUr/j0=
last-modified
Mon, 29 Mar 2021 17:50:45 GMT
server
cloudflare
etag
W/"c3c9c247689dbb5f539f3561fae9b2c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MMKt5%2Bm9gzExwwwABHeaa4zzQ5MzPB14I1sMO8ZqUEKqVp%2BhQwCT1N1Ueng9EoFhhKXCsiynotfo%2FFnrRD1OyD4vps%2B3MtO6zbtWG32AB3LXaG1BQ7GJnfb1bOOLbkQ4"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a261d7a3000002bf6a4302000000001
cf-ray
651d31d6bdae2bf6-FRA
copy2-pushmobile.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2-pushmobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ed0ea5ae2d150352120293b163c96db03e32d02f657a587ad7136724dd2a7f

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2796
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NHRE9Z2905TTJQ41
x-amz-id-2
sLoHkRr0h3ql/EFsplGQYSFOEOB4Jvh+f5vtNzWMgQPg6kjZNIXQ9xWjbK0pW3Ja37Gll5ZTsDQ=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
W/"f88383f2a59eca584ff1697dff801e76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tyf%2B9klcBc%2B77bELQ1JpxgM%2B1XqHWpSgiFCe2rD4AjYtiYdoByokyGQooSjhHKlpvr%2FFg08uveXxIkciMV6iDYXeco27%2FAwknkl5Y2KrtQVEnQcvItW%2F4qjLr37h3WJs"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a261d7a3100002bf646af6000000001
cf-ray
651d31d6bdb02bf6-FRA
copy2-interstitial.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2-interstitial.svg
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d94dd33376cb72c46adf34ec182798c1c0374cd6547f891bbe7b0b1316190e0

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1928
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
17AEE97A5DWC28W4
x-amz-id-2
NvtunDlYwkTM3p3660U60LulDSV0dj0qzkN2FUdkrFvD6QTL1eAUB+CV3a76bjITfQycefaDPIE=
last-modified
Wed, 19 May 2021 10:33:26 GMT
server
cloudflare
etag
W/"f8c347b470b47b4d3735c370cafd9813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vpLO%2BjVrgznijaiFUXqzhv8OJ29%2BR52DyR8Znw%2FcjvRaX%2FlAVliNNG2i7Lxop1i3e4fx%2BWYYZU90JA9KLHdl94q9%2BHjDhID65QC2zolhirFyo%2BF4ae19Un2tYMHC2REM"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a261d7a3100002bf676921000000001
cf-ray
651d31d6bdb12bf6-FRA
copy2-interstitial.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2-interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d94dd33376cb72c46adf34ec182798c1c0374cd6547f891bbe7b0b1316190e0

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2797
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NHRA2YEV9RJNZWYF
x-amz-id-2
Svr6xTHwygvuLhySGUERq8P8fkFLQ3ob40+P73hhBRgMyaVHzHyekGMWV6LfNpTHS3gQ/WJAfus=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
W/"f8c347b470b47b4d3735c370cafd9813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KPmV0pbM7XA4aZEHaFD3%2FVV6xkbkPdSMU4KjuuOXnPDAAldxznrkwDU%2B33FgP9zgB34oKg%2BzkUsRsvo57yFKGTMGEnxREA%2BUn4kOl7j%2BUoDQ82hMAXvkxHUBH75x7jRk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a261d7a3100002bf68f13d000000001
cf-ray
651d31d6bdb22bf6-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 8B44 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0a261d7a2500004e13251a6000000001
last-modified
Tue, 11 May 2021 15:38:57 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"609aa511-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pKUkumaBxjQricMSfBtc4vuk%2FzDsij%2FWeN09XRgBR1%2B29Ldh2AV5kg4nKUlQxI49dMRB4PbLphmZhupzzjOBLN%2BXmqfLPzhyQtC5Q9fvt3cmWz3nYGcQQopTzSdELgZ2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
651d31d6af794e13-FRA
expires
Fri, 21 May 2021 12:05:38 GMT
css
fonts.googleapis.com/ Frame 8B44 		7 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebdb2a9839cc6fbf9a05e4282c7d6e7a965f0165a7c84909d9770c1028a1ce8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 May 2021 10:53:46 GMT
server
ESF
date
Wed, 19 May 2021 12:05:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 May 2021 12:05:39 GMT
clever.de.min.js
lp.clevernetwork.pt/bet365/js/ Frame 8B44 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/bet365/js/clever.de.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_01004919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2220
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F9NXMWHKBGGBGCBD
x-amz-id-2
oDGuw/2DXgJ5zzhBT2kQmZV6G04WfKCpujdhmCuG63r3udIclnBNPxg4SPMn8bZlni6Z+tFg2DM=
last-modified
Tue, 18 May 2021 17:28:18 GMT
server
cloudflare
etag
W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VzkYEfxrAXIvq4D9F1sl8CnJK%2FzeM81bKoWhBiManKWHmOIrSCz62UlaXip3svuluUD7%2FaK%2F40zg6f3I7NFbjjxJGA3PwxmdhPP8g1ENlt2F9kY2gwmmKI6o2gUVraDd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-request-id
0a261d7ac200002bf67cb35000000001
cf-ray
651d31d79fff2bf6-FRA
320x320_7.gif
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/320x320_7.gif?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3497390085aa40385402f6a26da4fe771c8b63ab4caf5a5be0033794c181db

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2754
cf-ray
651d31d7a82b2bf6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102733
x-amz-id-2
VQ3+2Q9TiobUd6yFN1KUajksGJn5QCvArwg9WAMFfF996P5wDI/TMCNNnQ+WEj7ZfpBl/2lBJv0=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"ca579b3142ddb16f50d36ff80ad9170a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FtGEz8YxFXGIB0yozhZKwbxHtXD3g2WMTjBWnsWDlV8sHOCbkGj5e%2BL6qnue7os3FFu5qTiOT0HfafzLMhbnEMq6J2ZcBW62z2VzuNm2Op%2FQmsR%2Fk5%2B25J68we822yY2"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
PDC0KZVF6YKA7AZD
cache-control
max-age=1800
cf-request-id
0a261d7acf00002bf643194000000001
accept-ranges
bytes
content-type
image/gif
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 8B44 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 01:50:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
123302
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Wed, 18 May 2022 01:50:37 GMT
css
fonts.googleapis.com/ Frame 1872 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 May 2021 10:10:49 GMT
server
ESF
date
Wed, 19 May 2021 12:05:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 May 2021 12:05:39 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1872 		1 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 12:02:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 1872 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 11:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7009
x-xss-protection
0
server
cafe
etag
607056201285360291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 11:59:52 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1872 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 12:00:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1872 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1872 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 12:02:53 GMT
l
www.google.com/ads/measurement/ Frame 1872 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4X7JRNc0hM-4jTqqVQLjRCtcm7NqingjGA26-ywt0C2lWHJ6yWpIW_jrz33GdXscH_BdQeVKRmpX2BwBrOUbNJoFEZQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6bd41964be010df5460da51c4a6824b5.js
www.gstatic.com/mysidia/ Frame 1872 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6bd41964be010df5460da51c4a6824b5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 11:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 10:04:25 GMT
server
sffe
age
834
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10390
x-xss-protection
0
expires
Tue, 17 Aug 2021 11:51:45 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3599671692419023044/ Frame 1872 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3599671692419023044/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70d88c005d3f5a42b8c7fb276af0fbecbe46d85160a5b884a560246e699534d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 14:13:33 GMT
x-content-type-options
nosniff
age
510726
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24433
x-xss-protection
0
last-modified
Thu, 10 Dec 2020 17:30:49 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 May 2022 14:13:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1872 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoIjkEv-kYN62I4qAjuwPiPOuyAfX8cGiYdvxi8WPDb_hHhABIOL1zEBglQKgAZmtr9gDyAEJqQJeFVB3_4i0PqgDAcgDywSqBLoBT9APqCXNtq31bCsPtRqxkDzL7xG-9V_ROHsvMqKswjppOAQiYiSU3-WzMps-d2dg7azls0uGGEpkVecGq8k48Jy-maIi9yeI7nIzddthUqEzkkUi-IR4mwUdVD5cse8viP-wgCofbNO8rHmRGwbCZHyIEWAehVvaBOsqiUkTF8NqxCeUf4fkYDj7jvKXDapUkprehGAta7gIdf9druspUVoFRAyw1xnyCaMLcqgFJPiUnFQdixQ-KHMJwATw3r_SmQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHhvLdJagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC48EvSCAkIgOGAEBABGB-ACgHICwHYEw2IFALQFQGAFwGyFxoKGAgAEhRwdWItMTY3ODQ5MDM3OTY3OTE4OQ&sigh=pAS-LIgpDgI&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 19 May 2021 12:05:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Cookie set DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame 0C9D 		84 B
715 B 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01004919
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/js/clever.de.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.208.229 Stoke-on-Trent, United Kingdom, ASN34587 (HLM2-AS, GB),
Reverse DNS
Software
/
Resource Hash
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Host
members.bet365.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://lp.clevernetwork.pt/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lp.clevernetwork.pt/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
ME-Redirect
PQB
Set-Cookie
Affiliates=Code=365_01004919%2f97972630806&prd=Sports; domain=.bet365.de; expires=Sat, 03-Jul-2021 12:05:39 GMT; path=/; secure ; SameSite=None session=processform=0; path=/; secure ; SameSite=None pstk=D0B2CE03C3A449E48426A398C950243D000003; domain=.bet365.de; path=/; secure ; SameSite=None
Date
Wed, 19 May 2021 12:05:38 GMT
Content-Length
177
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 50F6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 19 May 2021 03:14:09 GMT
expires
Thu, 20 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
31890
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1872 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f17620e798b09ae5e2cae76174462eba8b624ad9e5afaa8fa95179e206882412

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
728x90_7.gif
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/728x90_7.gif?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c513eec67ecc7220fb8aeed063c869a5baa885f86ab1110f287c901c340e49a

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2415
cf-ray
651d31d89a4c2bf6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67680
x-amz-id-2
aomGbx4lksbCEECs5CJhafvn34jvkYVReyPWH9aYJeAvvBWmDpwuawEzDbEFQD+oAm+MV2fwQYA=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"4a28bfeb67951e81ebba647ae02d0a4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9p1FwitiVd%2B%2Fbk78EC4m4Jaxtyu8LYCOk5yoeNMVRDGDnvHvdDyIr4X8nIAEJsuS9Ty4IcGB7lxvqXcGItoKSdPnMcqtpiKgRcjIftphbCHPHEWhSQR9UhCGr3KTV5Vp"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
6BE7CHV02DD12749
cache-control
max-age=1800
cf-request-id
0a261d7b6100002bf6853d8000000001
accept-ranges
bytes
content-type
image/gif
720x300_7.gif
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/720x300_7.gif?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac42fb5f97fc83828338609d785d23b7a9ad79ede0128f9be8f8bc373e6cb232

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2718
cf-ray
651d31d8ba792bf6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
194772
x-amz-id-2
4ntUtf4MeIDgNQM92uZPxfzqr+2msbI1KPlCKqZDWfDMysrtoKogbfxwJS4Rhp6rphwKwHdADtk=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"8f800ccc15b927e2a9656ebb98fffa41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BiKC8OQgf74tyw3Vu3dlv4IFxvD2NiJFWOTb0bK7CJZfdsgzvK1gxA8iSRMKHah6RDau%2BnlRmDj1HqsvHTfis3Qi2Iyp46R0iAqH%2BT39sNFCq69oNxZ8xyNzaFwOb5Gj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
PDCC6FRDSV689EC7
cache-control
max-age=1800
cf-request-id
0a261d7b6f00002bf64381e000000001
accept-ranges
bytes
content-type
image/gif
bg_1500x400.jpg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 8B44 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/bg_1500x400.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:447b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0baf9ab3059e9d198b54fac80a927d5ba1ded8181f9f69ebf0f5148e6b7a8dbc

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2742
cf-ray
651d31d90b342bf6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40884
x-amz-id-2
t3+v8I/dQwwYX+qDa3IZ0bcVtNUYIptrmDLR9FVIf4CqOQoSJhJgJQ7mGRBzXbzoLpCQdVRYAQI=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"1ddda5a3ee812a76cb8e9fa935449c30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QjBl9KV8fRM2u3U8PAOvSVoyHjd4KKZ6zMLUwebK23vtocFoXKSwT%2Fd4VtGhLr7ykiQQCwddyWN%2Bl35jXP8TCfrOVKRPW%2BGq5R1ZN9xdjt%2FwNfXc%2FxV8H6f6taDo8s5T"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
PDC0CF9TZVWH5JB9
cache-control
max-age=1800
cf-request-id
0a261d7baa00002bf66c018000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1872 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
505810
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1872 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
286936
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 16 May 2022 04:23:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1872 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
555727
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 13 May 2022 01:43:32 GMT
dpixel
cms.quantserve.com/ Frame 50F6 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIA3crjLj3FmMtLkPyilg7M&google_cver=1&google_push=AQvitUKdcVmXTnxVBRSxe_2iOunVx1S4HeIra8ptzjMliMrzhfCeZw0cxlQMN4CmtfBjwjQ2Hog3a9I3ybb1U1F51Q1t0GC3tHc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 50F6 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENxTNySfqjTrju0jsBMnh2w&google_push=AQvitUIjiEMMKlauqmfqRDnDNqtXd319_CVOxKJ0Fnkcu_VCainVpQO6vYHLm5yoHK71JyG4aF0hdGCouJMdDZ5fWDZnKMkwTA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:39 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK2hhpTi260BIbHQuzpinCY&google_cver=1&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg
  • https://rtb.openx.net/sync/dds?google_gid=CAESEK2hhpTi260BIbHQuzpinCY&google_cver=1&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg&ox...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg&google_hm=z8xnM7zwzYwuY9ZY3JkR6w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg&google_hm=z8xnM7zwzYwuY9ZY3JkR6w==
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:39 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIyhEKa96OEqbIaG118_d0luoMwUCDBtd8KsFsqEFzq5GQ1KyX1NAgaCZ0usKp5NVTsBJJUNUFrh-crvfC6A_S7TSI0Xg&google_hm=z8xnM7zwzYwuY9ZY3JkR6w==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
kcnqrhtghm0qc0407d2eib2f3ga7h7qs
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJqEY-lTrvlXuVwWd7Y1Y0o&google_cver=1&google_push=AQvitUKi4WhnwYYTsztu8SxNaNQ8kZ5fkAtgyVBoSJwkCXUFEYPz3R11kChEN9oQTs_2c7nIBDh...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09WRjUxWVktNy0ySlNW&google_push=AQvitUKi4WhnwYYTsztu8SxNaNQ8kZ5fkAtgyVBoSJwkCXUFEYPz3R11kChEN9oQTs_2c7nIBDhwbarjdxqOSLpYKe3WunqyBeY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09WRjUxWVktNy0ySlNW&google_push=AQvitUKi4WhnwYYTsztu8SxNaNQ8kZ5fkAtgyVBoSJwkCXUFEYPz3R11kChEN9oQTs_2c7nIBDhwbarjdxqOSLpYKe3WunqyBeY
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09WRjUxWVktNy0ySlNW&google_push=AQvitUKi4WhnwYYTsztu8SxNaNQ8kZ5fkAtgyVBoSJwkCXUFEYPz3R11kChEN9oQTs_2c7nIBDhwbarjdxqOSLpYKe3WunqyBeY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xX...
0
0
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPm4JznO_iZZ6WYlKpGKoF8&google_cver=1&google_push=AQvitUKJ-xwTZitICcQW050r...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKJ-xwTZitICcQW050riBMpUHOjetEcuwt8zVsJ703Y8S3ER5v9uN2yfmBqZ5ulvqgTtyWnzgERKDauFC-D4BKOaPDJHIg&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKJ-xwTZitICcQW050riBMpUHOjetEcuwt8zVsJ703Y8S3ER5v9uN2yfmBqZ5ulvqgTtyWnzgERKDauFC-D4BKOaPDJHIg&google_hm=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:39 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKJ-xwTZitICcQW050riBMpUHOjetEcuwt8zVsJ703Y8S3ER5v9uN2yfmBqZ5ulvqgTtyWnzgERKDauFC-D4BKOaPDJHIg&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 18 May 2021 12:05:39 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 50F6 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13It59RyRvhgJWROBTtRzL6h0VbHBJjkgPSsZ_TNvzuXjBKzSSicqe2r0mf16ufvm4o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 15E5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&client=ca-pub-1678490379679189&output=html&h=280&slotname=2465195246&adk=616256846&adf=2209654236&pi=t.ma~as.2465195246&w=1120&fwrn=4&fwrnh=100&lmt=1621425938&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Ffanoticias.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621425936227&bpp=2&bdt=377&idt=325&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280%2C1120x280&nras=1&correlator=7836004191276&frm=20&pv=1&ga_vid=959573116.1621425936&ga_sid=1621425936&ga_hid=942141663&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=185&ady=4342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3086223192182617&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=xw6nO3FGUX&p=https%3A//fanoticias.com.br&dtd=2308
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 10:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
7364
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Thu, 19 May 2022 10:02:55 GMT
Template
boataxa.com.br/Api/Widgets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://boataxa.com.br/Api/Widgets/Template?Moeda=220&Tipo=Comercial
Protocol
HTTP/1.1
Server
191.234.177.186 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://fanoticias.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Server
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
X-AspNet-Version
Date
Wed, 19 May 2021 12:05:40 GMT
Content-Length
0
Template
boataxa.com.br/Api/Widgets/ 		937 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://boataxa.com.br/Api/Widgets/Template?Moeda=220&Tipo=Comercial
Requested by
Host: boataxa.com.br
URL: https://boataxa.com.br/Api/Scripts/boataxa_hoje.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
191.234.177.186 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3755df92a02bde3eeb6ff4df4b81a53e57dac4d7ec33e95510701ec257c524b7

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
appplication/json

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:40 GMT
Content-Encoding
gzip
Server
X-AspNet-Version
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Length
422
Expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f8ba50a22b6e1aff20bc45bcd17ca9f14f614c41c272079794f001651b9e5a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7799
x-xss-protection
0
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 8B44 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
266521
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Mon, 16 May 2022 10:03:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1678490379679189&plah=fanoticias.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 19 May 2021 12:05:39 GMT
1000-x-100-scaled-1000x100.jpg
fanoticias.com.br/wp-content/uploads/2020/12/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2020/12/1000-x-100-scaled-1000x100.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e4ac3e6c52a1e7842b6aaf0394b3f7644fa029a3bcac72b9a851e3526422b5

Request headers

:path
/wp-content/uploads/2020/12/1000-x-100-scaled-1000x100.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
73537
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24041
cf-request-id
0a261d7d1e00004e6d5497c000000001
last-modified
Wed, 09 Dec 2020 15:00:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JmVStZ2gwpmppfDA0frz7TXcBPYApQtOgC%2B06rBdrsCBtR7iA0Qxldpi7Q3K0146ZsOA6C5tz%2BcpNKtUcNSQY2olactXa3Ay4IWLbpviqGLi24vVIJLxcecFuWWarQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6ce74e6d-FRA
expires
Wed, 18 May 2022 21:40:02 GMT
1000x100px.jpg
fanoticias.com.br/wp-content/uploads/2018/07/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2018/07/1000x100px.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba63d56155852788e87b72babd7823b9bfdd6b59fda3319fc8f8ffb1d8248e6

Request headers

:path
/wp-content/uploads/2018/07/1000x100px.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74155
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
133404
cf-request-id
0a261d7d1e00004e6d5eb51000000001
last-modified
Tue, 25 Jun 2019 17:50:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZXADA7ckx8N50Zx5JZDRG9WaTU45V3vtxzMT1QmI%2FBaxfCgOLvt43Of%2BzWXUr8FfCqviX9jO6qKWtmxktL%2Bc4dNPPnfpLTe4hFWJTNg1WfBYVql2SUU%2FJo8W4f6evQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6ce94e6d-FRA
expires
Wed, 18 May 2022 21:29:44 GMT
1000x100-1000x100.jpg
fanoticias.com.br/wp-content/uploads/2020/08/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2020/08/1000x100-1000x100.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e215b5917fbfe4660c4c2d98bb1f6b6dac17a3922bb69c8041de558ae2f7ab

Request headers

:path
/wp-content/uploads/2020/08/1000x100-1000x100.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74150
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36742
cf-request-id
0a261d7d1f00004e6d9a19d000000001
last-modified
Thu, 01 Oct 2020 11:29:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=egr78ep0SLywUm%2FNJU2BvHuYzesrYtmDufYEDm1nAuLpmAHwyGDihtdhKkA8OmiL3KGwCuKvbCdtMykWR09pQkjSOMWtsfygDmBJBqIQFM%2BWfjhZSzvigNfN6XxfFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6cec4e6d-FRA
expires
Wed, 18 May 2022 21:29:49 GMT
thumbnail-for-380354-300x170.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380354-300x170.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61580f56333599c6881cbac27e409c0447a7a18893eb9a1b9c179e0e4d334ae4

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380354-300x170.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14327
cf-request-id
0a261d7d1f00004e6d9e165000000001
last-modified
Wed, 19 May 2021 11:20:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qpoeAO7q3uf6ZyRbm1nhzZi8qZSfLFkSVjDLzWCnFLIX6ix8QUsahqOkDHH4tkd%2F0S4jeqNGKI1DSHJkTDhsb8%2FcFlxEBdoZZ%2BgWftt9GW1Mm6z%2BCZBjFsfi3T0Y7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6ced4e6d-FRA
expires
Thu, 19 May 2022 18:05:39 GMT
thumbnail-for-380352-300x169.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380352-300x169.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72e0db94a33fa3b0d58d372d9cf0ed3c54ee5ac42a0bd452cb18a997eeb68996

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/19/thumbnail-for-380352-300x169.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11929
cf-request-id
0a261d7d1f00004e6d7c99f000000001
last-modified
Wed, 19 May 2021 11:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SG3jzrAIVgcGhCBz0%2BCscFsKLqUJh1tGRekSIxNb8OuyZEr3XjnrZ9P5kdrP%2FxYNi6J%2Bfk4bTJdhJvMorTcrMmPRYEetpWwcGIlS41T2ZjoXBIp%2FplEtEkgJf3R2tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6cef4e6d-FRA
expires
Thu, 19 May 2022 18:05:39 GMT
dinheiro.jpg
fanoticias.com.br/wp-content/uploads/2021/02/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/02/dinheiro.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6bdc4b3d76b6e1b1759028d6592a76ae8976e94b1944a08533060ae64e371a4

Request headers

:path
/wp-content/uploads/2021/02/dinheiro.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47128
cf-request-id
0a261d7d1f00004e6d6d97e000000001
last-modified
Fri, 26 Feb 2021 19:15:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QsE7gkWyhP%2FknLbJ8pEafNhhz%2F69nddLXYjCPYOec%2BCFqq1HEpn8lcx1WwzLD6tyAzjOmWxgspVqLaOikoYWW25mbxftZgZsd022CXD7YUttYPm05MZ89hloM2s%2FTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6cf04e6d-FRA
expires
Thu, 19 May 2022 18:05:39 GMT
4d64b680-b7bd-11eb-9195-5bb77b3170e5-minified-e1621339066603.jpeg
fanoticias.com.br/wp-content/uploads/2021/05/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/05/4d64b680-b7bd-11eb-9195-5bb77b3170e5-minified-e1621339066603.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1fec865e0ea2a92e64d51f8243d3e9bec4ae515bd99e7c47ab2a1c0ceaaa24

Request headers

:path
/wp-content/uploads/2021/05/4d64b680-b7bd-11eb-9195-5bb77b3170e5-minified-e1621339066603.jpeg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
86694
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68957
cf-request-id
0a261d7d1f00004e6d5b8e8000000001
last-modified
Tue, 18 May 2021 11:57:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Va1TsEJqE4l9LXq%2FggCMjb%2FKaTtTr%2BLP%2FYo%2BFdPKBOBN8rc0ndZeMzLAHur%2B5owjSXP8d2WnItzXr3HvK9VBjfz7Rg8C0dSAb23rU78B5YyZuvgPSTy3RwF1d5UZ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6cf24e6d-FRA
expires
Wed, 18 May 2022 18:00:45 GMT
efefd3d0-76cc-11eb-b3bb-ed06f5f0aee2-minified.jpeg
fanoticias.com.br/wp-content/uploads/2021/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/05/efefd3d0-76cc-11eb-b3bb-ed06f5f0aee2-minified.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337c7cc9a470395578f82650650217a36806e0ba915ff68ed7dcc29d634d6d08

Request headers

:path
/wp-content/uploads/2021/05/efefd3d0-76cc-11eb-b3bb-ed06f5f0aee2-minified.jpeg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27737
cf-request-id
0a261d7d2000004e6d7f9ae000000001
last-modified
Tue, 18 May 2021 19:51:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tu1lq86kJnRn8PSh18wF4J%2B3VczhfwTD6XsRS1tyqne3tH6sYfa6Brie87GZnwN2bVLTWXV%2BylxLeFex8VD0KWluFXjG9g7NN88Lf69UrU0Q4dHD10zlcrDx8NHW2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6cf44e6d-FRA
expires
Thu, 19 May 2022 15:46:13 GMT
sirene.gif
fanoticias.com.br/wp-content/uploads/2021/03/ 		573 KB
574 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/03/sirene.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21763f80a055a36df0f4a4ccb6ce77a5eb1e42e9439369735eed43a5b881c3fc

Request headers

:path
/wp-content/uploads/2021/03/sirene.gif
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
134697
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
586542
cf-request-id
0a261d7d2000004e6d4d23b000000001
last-modified
Fri, 12 Mar 2021 22:47:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ujp5oO5XmKTbgGMNkqnOpM1S0KfW2I1z8Og4brrPYkcCXTf%2Bj%2BehkErv1FyOngLJdOZ1XZcLE8GypFMPMX4vJO3l1BoqKsaHMQ8PTVA7FnA6UrJhSsR7B3Hc3X18lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31db6cf54e6d-FRA
expires
Wed, 18 May 2022 04:40:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5574 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 19 May 2021 12:02:17 GMT
expires
Thu, 19 May 2022 12:02:17 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
202
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 5574 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 10:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
7364
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Thu, 19 May 2022 10:02:55 GMT
logo_oficial-1.png
fanoticias.com.br/wp-content/uploads/2020/12/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2020/12/logo_oficial-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc8c0ad14ee6a96b21b078a0f679e255a761799e500d2c207f63907c93eb808

Request headers

:path
/wp-content/uploads/2020/12/logo_oficial-1.png
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2048370
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
69279
cf-request-id
0a261d7dc600004e6d7c9b1000000001
last-modified
Tue, 01 Dec 2020 12:12:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZvFwqPVTiF19BS5AJQcv155xOp1X3h%2BbHZXftBlv7OM%2FGzqeR2CU3xYB8wO%2FGX8s0XEeBoKPK94vIF7vhxnmDWll1jzHbknowZw72aIPOx3u%2B4R8nlzn1G5q2i%2Fyow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31dc68464e6d-FRA
expires
Tue, 26 Apr 2022 01:06:09 GMT
thumbnail-for-380100.jpg
fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/18/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/infocoweb/2021/05/18/thumbnail-for-380100.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069263852d3d075ebde3aa93ad4594786a421a34ed4ce34ee97b82223310591a

Request headers

:path
/wp-content/uploads/infocoweb/2021/05/18/thumbnail-for-380100.jpg
pragma
no-cache
cookie
_ga=GA1.3.959573116.1621425936; _gid=GA1.3.225155915.1621425938; _gat_gtag_UA_123165538_1=1; hstpconfig=eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9; lasttrack37830=1; hstpcount37830=eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D; __gads=ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60109
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55950
cf-request-id
0a261d7e5c00004e6d660d0000000001
last-modified
Tue, 18 May 2021 19:20:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tMiJtR5VnLUNZwocWTGnP9HRuYsXX4HCob5Yp927a%2FW%2F1N5VuqhG00l9HX%2FiA6RCn%2BizRr7E8yR9KXgJ4SxwS2QHPV%2FfihAk4ud0qCQc7x1M5jNDS0TXjvDiYcFvQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31dd5b784e6d-FRA
expires
Thu, 19 May 2022 01:23:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=3086223192182617&bg=!urmluf3NAAZ7hX_Ue4U7ACkAdvg8WkK4qlGE0XGVlTHTQkVttscm2mAFt0rw7nhlmRSTiEVCPIUysAIAAACjUgAAABZoAQcKAFqtjMWRGPHOo842oRWyasqiBy9wG0T2ASkOXRkgRkoWLxpDA31y2nWyOTrQdGSzEsboY1AgCCdd8Tcl0lFi-2-wV7ZpfJfmG-Gf4K1H7PtYFI2mraMEJqNl7R6ZAlmS2J_y6nBCqYd8FIdRTz6iKUFS97eTdfVbNCGyytjpD7GDtC8pj5dMT54qFdEqfimsUICp0DIgB5N3Ln1uQPCBBPvUN1Emn6oZfu-ZacaU6G-d6JIHSIWW0VpbaSS7MhE9Z5FpkCBQAFKEYOk-yODw-fpoLNBjItqeFjGoYmjT9-jJD3oUuiOtuH0pkLog_ss7Ms7BRppXLOpn2oO5PqWj6BFoTiq1n8QWPkT1TInYpfSH3AyynxXQP8tOsTVJzvithH2JQ7BoDsk-iGLUjZ2o8Jw4Hjvs_Zthug9E8jx3Klx0XOePvBnK_AVqyyWL5PD9YifJNNMsD9RO2WuCq44jXBqPciOgE1pXPw_mRof-mobXgNKtubUmV6zJUGhUahXVntDON-Jgr3JZD4UpRPDiAfqMEEBw49yDOkNcxRFcpDI224E64vFuL0bPZo27bfLsMx_nIErbKzzPEsojEd-QlxymZxz93yHSMWtDu10JxWA9vSV9zBUE9LhazkyGWt-5R_FB0Z6-BS5_Sh65pYX0w8PDWghMVuksbGuxMEcZ5faq3hUg_P7q4ZUBhPRMRNze9hMym6k7LIu2sd0OHkpqhGp_gJ7tF51lLISPW-si-LtpV0Jf5V5i3Y5BMDtwWGGVdbMzl5SKpYo8wKSjQItH1sR-FBcJDDBfTLMEM9gbajynZqYl5x6nd4tPYLslUQZgXvJnOwwEH1vfMQ6tIBJvldGqBafi-TRENt21xBWksAkuU46pIHFMdZCeqPx4OcNZ2kC3YkDyXrYMEL8zy372-zZ8ob_Hd6Ko
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a40b18f0075&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
d5ae444028465a2877ea89a286451475907b0d8128ec0d531f965a9b0f52bbe3

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 12:05:40 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://fanoticias.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3ee5990072&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
d5f9e7b1b87a49292e49bb75ee490da3196b05e4d415ed8d338cd87f23011a8b

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 12:05:40 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://fanoticias.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3c46f80069&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e0051e32db495eed4ed334f41e354e063d745657d1005a6febcc221243e42db9

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 12:05:40 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://fanoticias.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4824
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96957d01727298b51a9a3aed860067&pos=8a96957d01727298b51a9a3db518006f&cmd=bid&secure=1&gdpr=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e619cfac29f011b44e5d22213d610d0250f9005e0825d032751d9425cc4661e5

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 12:05:40 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://fanoticias.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fanoticias.com.br
date
Wed, 19 May 2021 12:05:40 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
ads.us.e-planning.net/hb/1/2c995/1/fanoticias.com.br/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2c995/1/fanoticias.com.br/ROS?rnd=0.8432870511097408&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=...
  • https://ads.us.e-planning.net/hb/1/2c995/1/fanoticias.com.br/ROS?ct=1&rnd=0.8432870511097408&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x9...
622 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/fanoticias.com.br/ROS?ct=1&rnd=0.8432870511097408&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Ffanoticias.com.br%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Ffanoticias.com.br%2F&gdpr=1&gdprcs=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
81e6034ed1887a02449e6ca19288309f0e17845e3d3bef2a4fd405672f7d01f7

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://fanoticias.com.br
expires
Wed, 19 May 2021 12:05:40 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
622
x-sid
AMS-738

Redirect headers

date
Wed, 19 May 2021 12:05:40 GMT
server
openresty
access-control-allow-origin
https://fanoticias.com.br
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/fanoticias.com.br/ROS?ct=1&rnd=0.8432870511097408&e=300x600_0%3A300x600%2B160x600_0%3A160x600%2B300x250_0%3A300x250%2B970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Ffanoticias.com.br%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Ffanoticias.com.br%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-738
cdb
bidder.criteo.com/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=29578210588
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fanoticias.com.br
date
Wed, 19 May 2021 12:05:40 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
c
prebid.a-mo.net/a/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fanoticias.com.br
date
Wed, 19 May 2021 12:05:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin
prebid
ib.adnxs-simple.com/ut/v3/ 		611 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
55bb782d1a26d2dc04bc4af223567ff5bc19be8285b1dd341cc16aa1510e6fa5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 12:05:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
152.89.163.140; 152.89.163.140; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com; 185.33.220.36:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
42ca3189-9358-40fd-9c01-69cd5868e082
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fanoticias.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
quantumdex
useast.quantumdex.io/auction/ 		0
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://fanoticias.com.br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ZBx3vEOLtOab1t9MRiB7OwNjQ5qEEN77YFmQ1zxUhAvRWGN26ES3c%2FCS1bQWd9q%2FdqVbTa64N7RSX0gGiQRVSWTMO3HYdvfnfhcxIWqxunVAOzCyrg1dbUSedKmy0Bx%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
651d31e07ccb4e13-FRA
cf-request-id
0a261d804b00004e1330322000000001
undefined
fanoticias.com.br/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
b3f692c3be84d4d5fafc8d7857dade12a2dca5ed80b68df61635f474676d956d

Request headers

:path
/undefined
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
x-litespeed-cache
hit
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d818e00004e6d8f1f6000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xpFuWX36dHz%2FyxooWX3ATAC08NEv%2BPsvxNg2g9zvsYNZcIG64c9aVcKn7kpOHJ6zCyi4nTOjvQNzYDbxqAug0FVMeHXcnECQS9SbfL6YQCcemN831IMj8JqeYdnJTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
651d31e27a6f4e6d-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
img-dolar-rounded.png
boataxa.com.br/Images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://boataxa.com.br/Images/img-dolar-rounded.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
191.234.177.186 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2613c7b549ecfceb5ee5a4fc18f4fba09c8fc3511d0fd4f351f0a2a31be7dae

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 12:05:40 GMT
Last-Modified
Fri, 25 Jan 2019 16:09:53 GMT
Server
ETag
"796b7068c8b4d41:0"
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
6469
cidade1000x100.jpg
fanoticias.com.br/wp-content/uploads/2020/08/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2020/08/cidade1000x100.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cd38f8251a4b7a1fd4a2b828e9852019c1192c7ab1d9403f084a5210f92a6a

Request headers

:path
/wp-content/uploads/2020/08/cidade1000x100.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2264604
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
114732
cf-request-id
0a261d81ae00004e6d81327000000001
last-modified
Thu, 06 Aug 2020 00:08:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xxECmR684M2zUH0tqa%2BiwIYveBTZXvGDFNHM%2BhxpP4oJdQnE%2F9oKm2q2i3eB3qZLErm6hXmVmmF52gK6TBHenheui%2BzqojTV%2BzEaC6V5e1ic0CMXoh9MWdL7N4NXnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31e2bae74e6d-FRA
expires
Sat, 23 Apr 2022 13:02:16 GMT
1000x100-6.jpg
fanoticias.com.br/wp-content/uploads/2018/07/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2018/07/1000x100-6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603fb5aed939edf2f9c0802649d64d40cb741666d3574e0a4630a3f573639ded

Request headers

:path
/wp-content/uploads/2018/07/1000x100-6.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74147
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35371
cf-request-id
0a261d81af00004e6d49863000000001
last-modified
Sat, 31 Aug 2019 11:24:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ry1mbHiJrq5M%2BqIwn2PRqcFOHTQ%2FiEaqffuIeCRqQfh056cuedrfPrtxFex3FIPmIpEHqodZ1pem9S1kwspZZhpc20mfJJYQ2epU%2Baa1wWczRz5MgI%2Bu2bcFpFqfbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31e2baeb4e6d-FRA
expires
Wed, 18 May 2022 21:29:53 GMT
vi-logo.svg
assets.vlitag.com/media/icon/ 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/media/icon/vi-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
450214
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d81cb00004e55bd319000000001
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:49 GMT
server
cloudflare
etag
W/"5dbbbcf1-2c34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rrphRSojr4auaMUYEufQ3lJHXp3vMF4TDktS9N0qFIpkpA6s8KI8izuMgqlGW3opKPXSuA68owxDLgMMwX%2Bd%2FDrYQxdxJsZ%2B%2B5vRFlw54woOIT74BnFq3%2B68he%2Fytg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
651d31e2d9cb4e55-FRA
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:42 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 May 2021 12:05:42 GMT
syncframe
gum.criteo.com/ Frame 42C3 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=fanoticias.com.br&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=fanoticias.com.br&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2043
set-cookie
uid=6934c3e7-b6d0-4cb0-b384-279438a7858f; expires=Thu, 19 May 2022 12:05:42 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Wed, 19 May 2021 12:05:41 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:42 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 May 2021 12:05:42 GMT
4d64b680-b7bd-11eb-9195-5bb77b3170e5-minified-e1621339066603.jpeg
fanoticias.com.br/wp-content/uploads/2021/05/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2021/05/4d64b680-b7bd-11eb-9195-5bb77b3170e5-minified-e1621339066603.jpeg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1fec865e0ea2a92e64d51f8243d3e9bec4ae515bd99e7c47ab2a1c0ceaaa24

Request headers

:path
/wp-content/uploads/2021/05/4d64b680-b7bd-11eb-9195-5bb77b3170e5-minified-e1621339066603.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:42 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
86697
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68957
cf-request-id
0a261d897000004e6da6302000000001
last-modified
Tue, 18 May 2021 11:57:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Ft%2FB70hxmqDeMZKB6VToLVkWr%2FBovOTX7ak4sCUkwpr1xr%2FdA8fSW4ZhelO7V8Vor6aCb5sYNYkRwZsThLamPG4QKZy8uv64%2Fj6OSgsiXy3f8VAU5oIOjKNgtpRmWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d31ef18204e6d-FRA
expires
Wed, 18 May 2022 18:00:45 GMT
/
spl.zeotap.com/ Frame 73B1 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e407f53c0f05d94016fde816a2825dcab95e7c123f6fe6251bd027aa27ff5cc

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

date
Wed, 19 May 2021 12:05:43 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://fanoticias.com.br
set-cookie
zc=f14a58d5-213f-4634-74b2-a7adcef6d818; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%21t%81o%D34%3F%04%E3%E7%B7%B3%8A%00%91%92%ADE%7D%C0%B7%9Bo%C1%FBR%1C%03%2F%24%5E%C3%3E%FA%D2%B2%3FU%08G%92%9D%EA+%95%5B%A8%EFRs%29%08~%984%9E%FDk%0C%9E%EA6%D7%AD%FAc%0F%B1%E7~5%C4%030pB%80+%F3%E5Rq%8F%1F%99%83%D5E0%B4%21%D9%F4u%81%40%DCk%21%CB+%8D%B2%1Bj%91%AB%D4%99%F8%9F%27%05%7CV%B1%CD%82%3D%C8%94%8E%1B%BE%9C%F02%84%CA%13s0%CC%1B%105%D3%09%A9h%15%0F%D2Rn%D1%CE%16l%A7.%90%3D%02%23%BD%D94%E8%88%81%CBi2F%95%2A%FD; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a261d8d920000c27217134000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
651d31f5b9dac272-FRA
content-encoding
br
quantumdex
sync.quantumdex.io/usersync/ Frame 697F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b18a9c761ce71c32b85c5bdb20926b8e765eaaf1872dd66aa618a3c91fdda1e

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fanoticias.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=6ffccba2-6f71-4698-8240-d5c85ba653ef
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fanoticias.com.br/

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
content-type
text/html
set-cookie
uid=6ffccba2-6f71-4698-8240-d5c85ba653ef; expires=Tue, 08 Jun 2021 12:05:44 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a261d8d8f00004e13603a7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T%2B%2F46ZPxpYwgOCR1kyUo89FiLKVu5q%2F7bKAxyIrNgF2hN4gGBKUYeYmeFN6ys8s2T0RyX0Eprqlq6zA29y7hT6gViaXLhRmS31HjR%2BfAlWwqU8yIvdZxrjaU4smcG3E%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
651d31f5ba274e13-FRA
content-encoding
br
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db4348cdc592c7912%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3Db4348cdc592c7912%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b4348cdc592c7912&uid=97a1a10db7b5f7107c92482e
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b4348cdc592c7912&uid=97a1a10db7b5f7107c92482e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 19 May 2021 12:05:44 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=b4348cdc592c7912&uid=97a1a10db7b5f7107c92482e
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
um
sync.e-planning.net/
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7085285691
  • https://sync.1rx.io/usersync/tradedesk/f0218a54-75ea-4a87-a019-4265262f3cb3
  • https://sync.targeting.unrulymedia.com/csync/RX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003&dc=1079cc634ca638f8&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003&dc=1079cc634ca638f8&iss=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-a1c8051c-6d2b-4e4f-8c64-edd3df92315d-003&dc=1079cc634ca638f8&iss=1
date
Wed, 19 May 2021 12:05:44 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa1c8051c6d2b4e4f8c64edd3df92315d003
content-type
text/html
getuid
ib.adnxs.com/ Frame 73B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-53...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEG5dHh43IxQYHO6f3RQhaVQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702...
95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEG5dHh43IxQYHO6f3RQhaVQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f60a89c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8dc90000c2722f96e000000001

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEG5dHh43IxQYHO6f3RQhaVQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=468d4dee-617c-473a-b637-a4c3c41b10c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=468d4dee-617c-473a-b637-a4c3c41b10c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f64af8c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8ded0000c272793a9000000001

Redirect headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=468d4dee-617c-473a-b637-a4c3c41b10c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 73B1 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De...
  • https://mwzeom.zeotap.com/mw?cid=f0218a54-75ea-4a87-a019-4265262f3cb3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f0218a54-75ea-4a87-a019-4265262f3cb3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f6bbe1c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e370000c27270847000000001

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=f0218a54-75ea-4a87-a019-4265262f3cb3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 73B1 		0
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1621425944.995485,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11562-HHN
u
dmp.v.fwmrm.net/ad/ Frame 73B1 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f601:8db1:1078:892f:cd87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 73B1 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=f6772532-587b-4455-ba39-b7fe29301d47&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f6772532-587b-4455-ba39-b7fe29301d47&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f6dc00c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e430000c2722f977000000001

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=f6772532-587b-4455-ba39-b7fe29301d47&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f14a58d5-213f-4634-74b2-a7adcef6d818&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f14a58d5-213f-4634-74b2-a7adcef6d818&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=34904531253065351864193442308075672467&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=34904531253065351864193442308075672467&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f70c4cc272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e630000c2722f979000000001

Redirect headers

DCS
dcs-prod-irl1-1-v006-0dd025ac1.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zcB5qVy1TAY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=34904531253065351864193442308075672467&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 73B1 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=f14a58d5-213f-4634-74b2-a7adcef6d818&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021051914-16062-0.997630001621425943-1bc809b0448ebdc5719e28c8f7710e5b&zdid=533&env=mWeb
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021051914-16062-0.997630001621425943-1bc809b0448ebdc5719e28c8f7710e5b&zdid=533&env=mWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f6bbdfc272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e360000c2725c84c000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021051914-16062-0.997630001621425943-1bc809b0448ebdc5719e28c8f7710e5b&zdid=533&env=mWeb
Date
Wed, 19 May 2021 12:05:43 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6963971402367498389&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6963971402367498389&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f66b42c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e010000c2726d2bf000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6963971402367498389&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Date
Wed, 19 May 2021 12:05:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 73B1 		95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f14a58d5-213f-4634-74b2-a7adcef6d818
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f14a58d5-213f-4634-74b2-a7adcef6d818&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f14a58d5-213f-4634-74b2-a7adcef6d818&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=qaGlCUuN1esDL9z28x6U0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=qaGlCUuN1esDL9z28x6U0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f68b83c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e1a0000c2726d2c0000000001

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
last-modified
Wed, 19 May 2021 12:05:44 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=qaGlCUuN1esDL9z28x6U0e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 73B1 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f14a58d5-213f-4634-74b2-a7adcef6d818&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.103 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f14a58d5-213f-4634-74b2-a7adcef6d818?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=f14a58d5-213f-4634-74b2-a7adcef6d818?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=5fbf9cb8b94c3f624045c4f749242f60&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=5fbf9cb8b94c3f624045c4f749242f60&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f74cc9c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e8b0000c272fab93000000001

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=5fbf9cb8b94c3f624045c4f749242f60&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
cache-control
no-cache
x-server
10.45.21.178
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-tKAkyvNE2ooVIj7T3tzSk427B06oFwwg.g--~A&zpartnerid=570&env=mWeb
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-tKAkyvNE2ooVIj7T3tzSk427B06oFwwg.g--~A&zpartnerid=570&env=mWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f72c86c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e750000c27276b06000000001

Redirect headers

date
Wed, 19 May 2021 12:05:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-tKAkyvNE2ooVIj7T3tzSk427B06oFwwg.g--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6HJfPSOsXBMk5ZUzv7JIkvB8nKtamx3D%2BS41iYitP1U%3D
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6HJfPSOsXBMk5ZUzv7JIkvB8nKtamx3D%2BS41iYitP1U%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f6bbddc272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8e360000c27242854000000001

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6HJfPSOsXBMk5ZUzv7JIkvB8nKtamx3D%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 73B1 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 73B1 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.38.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cache-control
private, no-cache, no-store
x-request-time
D=56 t=1621425944
x-served-by
beacon-n004-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 73B1 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YKT-GAABFBImwAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YKT-GAABFBImwAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&_test=YKT-GAABFBImwAAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f7cddbc272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8ee60000c2721714e000000001

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1621425944.280542,VS0,VE0
x-served-by
cache-hhn4022-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YKT-GAABFBImwAAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&_test=YKT-GAABFBImwAAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=4e6c60a4-ff18-4600-9b56-30472092c757&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4e6c60a4-ff18-4600-9b56-30472092c757&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31f8bfabc272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d8f760000c27223abb000000001

Redirect headers

Date
Wed, 19 May 2021 12:05:44 GMT
Server
MT3 3736 915c305 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=4e6c60a4-ff18-4600-9b56-30472092c757&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 19 May 2021 12:05:10 GMT
usermatch.gif
beacon.krxd.net/ Frame 73B1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.38.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-38-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1621425945
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
date
Wed, 19 May 2021 12:05:45 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 73B1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f14a58d5-213f-4634-74b2-a7adcef6d818&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 73B1
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=f14a58d5-213f-4634-74b2-a7adcef6d818&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
651d31fe6a07c272-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a261d92ff0000c272738d1000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Wed, 19 May 2021 12:05:45 GMT
Connection
keep-alive
Content-Length
0
BK-Server
44e
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 73B1 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df14a58d5-213f-4634-74b2-a7adcef6d818%26reqId%3De9e702e1-84f1-4b6b-533c-4a5bd572839d%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.77.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:45 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 73B1 		557 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aeb001ec6485f91d537154312a1be5a1ce97a504f8c0964163d9fa9fab4739e

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
651d31f5fa5fc272-FRA
date
Wed, 19 May 2021 12:05:44 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
0a261d8db90000c2725c367000000001
cmp
spl.zeotap.com/ Frame 73B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f14a58d5-213f-4634-74b2-a7adcef6d818&reqId=e9e702e1-84f1-4b6b-533c-4a5bd572839d&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=f14a58d5-213f-4634-74b2-a7adcef6d818; zsc=%21t%81o%D34%3F%04%E3%E7%B7%B3%8A%00%91%92%ADE%7D%C0%B7%9Bo%C1%FBR%1C%03%2F%24%5E%C3%3E%FA%D2%B2%3FU%08G%92%9D%EA+%95%5B%A8%EFRs%29%08~%984%9E%FDk%0C%9E%EA6%D7%AD%FAc%0F%B1%E7~5%C4%030pB%80+%F3%E5Rq%8F%1F%99%83%D5E0%B4%21%D9%F4u%81%40%DCk%21%CB+%8D%B2%1Bj%91%AB%D4%99%F8%9F%27%05%7CV%B1%CD%82%3D%C8%94%8E%1B%BE%9C%F02%84%CA%13s0%CC%1B%105%D3%09%A9h%15%0F%D2Rn%D1%CE%16l%A7.%90%3D%02%23%BD%D94%E8%88%81%CBi2F%95%2A%FD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a261d8de30000c27207834000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
651d31f63adbc272-FRA
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP89c86d3e-b89a-11eb-927c-06c2af1b9a58
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP89c86d3e-b89a-11eb-927c-06c2af1b9a58
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP89c86d3e-b89a-11eb-927c-06c2af1b9a58
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b3hN2LvYGmhYryUdA8qXoI0obJq8QVu6eUP8YQjMka1HaAihdAgT8mUW5m%2B6egh36AnaH8Afau75REbPTsFQx%2F3yqAwybZ7piRdxJfqOuM%2BxKCXgvURLaBU0RfKjyww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f6fd7a4e13-FRA
content-length
43
cf-request-id
0a261d8e5c00004e1373a0e000000001

Redirect headers

Date
Wed, 19 May 2021 12:05:44 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP89c86d3e-b89a-11eb-927c-06c2af1b9a58
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-515860c7-09f3-4836-b639-1a2d9d93102b
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-515860c7-09f3-4836-b639-1a2d9d93102b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8UIHzHc%2FYoFB5dSiYxt4VZKhO62YUN5JgJ0ULnoYKTcJ1nHjaJTxyd%2FfgCHXHyCv3s9OTnBAvIhK8yPRC%2BMQOFBlDTUx%2FfGffJBDxNwWJRjKN5IQ%2Fk%2FabFQ2vwegTIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f889e94e13-FRA
content-length
43
cf-request-id
0a261d8f5300004e138288e000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-515860c7-09f3-4836-b639-1a2d9d93102b
date
Wed, 19 May 2021 12:05:44 GMT
server
Apache-Coyote/1.1
content-length
0
us
sync.go.sonobi.com/ Frame 697F 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Damx-rtb%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1...
  • https://prebid.a-mo.net/cchain/0?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=appnexus&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=3987439046231038006
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlc...
  • https://prebid.a-mo.net/cchain/1?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=sovrn&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0=&uid=97a1a10db7b5f7107c92482e
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW...
  • https://prebid.a-mo.net/cchain/2?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=index_rtb&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=YKT-GIY07MPHnowDp0NNfwAA%...
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW50dW1kZ...
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D3f5e4404-3da0-440f-ac31-0700716c5293%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zeW5jLnF1YW5...
  • https://prebid.a-mo.net/cchain/3?A=3f5e4404-3da0-440f-ac31-0700716c5293&bidder=pubmatic&cbx=aHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj1hbXgtcnRiJnVpZD0%3D&uid=
  • https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=3f5e4404-3da0-440f-ac31-0700716c5293
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=3f5e4404-3da0-440f-ac31-0700716c5293
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:45 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JoFhQ1BhF2hM3r%2B9%2BihCORvfMU8u7%2BTP2TSinVtNoFIhCbhA4zOsgruIMpxpEMZ0Bki6QtqqwQ2wYSYYfineHFnU3sXl6i%2F8JCRiy33KOIA29SXysQFupaAyfyW2D%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31fbcb084e13-FRA
content-length
43
cf-request-id
0a261d916000004e130e024000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=amx-rtb&uid=3f5e4404-3da0-440f-ac31-0700716c5293
date
Wed, 19 May 2021 12:05:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3987439046231038006
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3987439046231038006
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y7r3QLvUbZn9FoHeVA1o7h%2BOzBXQjgbFYsLkJckci%2B90xmDDfXHhhnKRB5eRxurcI%2BEZwjoaddGfZJynyCzyZ8IFq4oJeXgYX0bdkVo61pgqBZrpxFSQE%2BKPBBU%2Bop0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f6fd824e13-FRA
content-length
43
cf-request-id
0a261d8e5d00004e131c9fa000000001

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
X-Proxy-Origin
152.89.163.140; 152.89.163.140; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid
dd0c7635-57e1-4484-98cb-b5f057f18ec4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3987439046231038006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ax9OkVJE2uHsdwOCpM3DgqUqLWcCeTzwm9z0SuI-~A
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ax9OkVJE2uHsdwOCpM3DgqUqLWcCeTzwm9z0SuI-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sp8udBMI5hiR%2BukLWHyc1as7vd0u1cIfEIrJa%2F69nrsdj1IbQvqVVFbQ2YeDa4QTcpgWa%2BRFSPVBXMIgSNLmX%2BMR4kHWOQG3yrvYFONYiRlXZaLJJwOSOoKlJ8XkaQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f6bcd84e13-FRA
content-length
43
cf-request-id
0a261d8e3500004e133f121000000001

Redirect headers

Date
Wed, 19 May 2021 12:05:44 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ax9OkVJE2uHsdwOCpM3DgqUqLWcCeTzwm9z0SuI-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=63d282c5-0904-518b-8751-98f8e7f567e0
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=63d282c5-0904-518b-8751-98f8e7f567e0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hq0jLFnplg5iHj0lMOdzI6zBdjqwMQ1M%2BSV2HcRMSvtF4qZHIEi8t4eBLbTXN3CV4CVay9GVBhW6JqxUCbWiTLueLi85bADDpj3gYjgqtMfbdVTga9TVh2hj%2BUqYFB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f7f82c4e13-FRA
content-length
43
cf-request-id
0a261d8ef900004e1342222000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=63d282c5-0904-518b-8751-98f8e7f567e0
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3987439046231038006
43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3987439046231038006
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=is2l4OFg51U%2Fn3cqM%2BriIZX5ujJo5wRjEuB85Lv%2BDsa%2FP9i%2FB2fQhM03h%2BQme%2FJW%2Bawid8OUUMaaWp0mXbqeH9xSt%2B1pY%2B3j5ru7lZ%2Fnb%2F3bWs9B7tE2SrhwUO6lV%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f6fd7c4e13-FRA
content-length
43
cf-request-id
0a261d8e5d00004e138987e000000001

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
X-Proxy-Origin
152.89.163.140; 152.89.163.140; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid
a0222c47-a4f3-4efb-aab0-81dcc219c4f4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3987439046231038006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=97a1a10db7b5f7107c92482e
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=97a1a10db7b5f7107c92482e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6lAXP1kv%2FvvirIkxeImBY5o%2FS7bTdGbxD7rcP8moEVLiDpdHxfQ%2FDKXBnEghi8YfYQFk2wPrPSW2p%2F43zP84uhAfN8kV57f%2BtWdy6ZSyPFk9lkVaTsSjyPtF5hxzcOw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f6ac954e13-FRA
content-length
43
cf-request-id
0a261d8e2700004e133f11e000000001

Redirect headers

Date
Wed, 19 May 2021 12:05:44 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=97a1a10db7b5f7107c92482e
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3987439046231038006
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3987439046231038006
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KQfMqvvF6We1XYKsq1n4zpWxEjfgrIVoBZWlnpTEgREsaVrVHgn%2FMM9BhoZeT3jbc7Hzqbr8%2BfCt%2BARno08GVyz3vvRYKnz5Fx49ltCVTKbeYkT2qKrPxGdXn3r%2BX9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f70da84e13-FRA
content-length
43
cf-request-id
0a261d8e6900004e1311356000000001

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
X-Proxy-Origin
152.89.163.140; 152.89.163.140; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid
506912d3-2522-4d62-b84b-d698e8e185e2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=3987439046231038006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 697F
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=864e11a7-18d4-47c8-89a4-cb8100944ee9
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=864e11a7-18d4-47c8-89a4-cb8100944ee9
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6SbW4gEgK1EIOG0Wj7G7BEcuMg%2Bz0S2mnpnngdcGLrWnjrIBvdmZxb2KK3FnzDG1t7oFl3MfF%2FVjdhnCWjC43Ld5XELcuXfzh9WYiG1b2FKEtGjLgNBQf89NrHV%2Br88%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f73e414e13-FRA
content-length
43
cf-request-id
0a261d8e8d00004e133d2ea000000001

Redirect headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BU%2FvmOFaqdDm5Ma8pPb4lz1%2FIeLi8f6TBMA9y3lrmyAQF9wlPTSELKZP63AQrfX%2FNmxMOeUzOa8ttoYqEJ5gMVQufhpJj6OzTx%2FAVWFAYFEcOzIHETwRmseJjHDV"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=864e11a7-18d4-47c8-89a4-cb8100944ee9
cf-ray
651d31f69c774e13-FRA
content-length
0
cf-request-id
0a261d8e2000004e1373a07000000001
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 629E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56833bc19d3aa167cfa595b12fa72c80c5d69df7a4f97c1d716f5d57a5df053b

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YKT-GIY07MPHnowDp0NNfwAA; CMPS=3207
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|73|191|218|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1809
Expires
Wed, 19 May 2021 12:05:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YKT-GIY07MPHnowDp0NNfwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 19 May 2022 12:05:44 GMT CMPS=3207;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 17 Aug 2021 12:05:44 GMT CMPRO=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 17 Aug 2021 12:05:44 GMT CMST=YKT-GGCk-xgA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 20 May 2021 12:05:44 GMT CMRUM3=2760a4ff180b40&4160a4ff1805a0&da60a4ff182760&f160a4ff1805a0&e660a4ff182760&2d60a4ff1805a0&bf60a4ff1805a0&4960a4ff1805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 19 May 2022 12:05:44 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 19 May 2021 12:05:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YKT-GIY07MPHnowDp0NNfwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 19 May 2022 12:05:44 GMT CMPS=3207;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 17 Aug 2021 12:05:44 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 181E 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Wed, 19 May 2021 12:05:44 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YKT/G; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 1015 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 8148 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-110.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
200000000000000002000208
server
33XP004
date
Wed, 19 May 2021 12:05:44 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8597 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Wed, 21 Oct 2020 18:57:29 GMT
etag
"1300708-1f78-5b232eb4914bb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2654
content-type
text/html; charset=UTF-8
cache-control
max-age=42434
expires
Wed, 19 May 2021 23:52:58 GMT
date
Wed, 19 May 2021 12:05:44 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 94EB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=83549
expires
Thu, 20 May 2021 11:18:13 GMT
date
Wed, 19 May 2021 12:05:44 GMT
vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame 629E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YKT-GIY07MPHnowDp0NNfwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 629E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YKT-GIY07MPHnowDp0NNfwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB1Tvhnj5SFn1FCODFZ-scU&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB1Tvhnj5SFn1FCODFZ-scU&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 May 2021 12:05:45 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB1Tvhnj5SFn1FCODFZ-scU&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 629E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEY-TvhLfeHZrvzggL2cflA&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEY-TvhLfeHZrvzggL2cflA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 May 2021 12:05:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEY-TvhLfeHZrvzggL2cflA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 629E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:46 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YKT_GIY07MPHnowDp0NNfwAABMMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 629E 		43 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YKT_GIY07MPHnowDp0NNfwAABMMAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 629E 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 12:05:45 GMT
via
1.1 google
last-modified
Wed, 19 May 2021 12:05:45 GMT
server
nginx/1.20.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Wed, 19 May 2021 12:05:46 GMT
ibs:dpid=23728&dpuuid=YKT-GIY07MPHnowDp0NNfwAA%261219
dpm.demdex.net/ Frame 629E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YKT-GIY07MPHnowDp0NNfwAA%261219?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.220.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-220-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame 629E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1621512344&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1621512344&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 12:05:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 May 2021 12:05:44 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1621512344&gdpr=1
pragma
no-cache
date
Wed, 19 May 2021 12:05:44 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame 629E 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YKT_GIY07MPHnowDp0NNfwAABMMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:44 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ew689WaFOlI3Us7uGEjaTevPelRHGmhLeTD0d1caFvO5%2FcvyayuXV9Fi6NMpLIjLTHENc8vcm%2BMGrBHNpdhW754Nv%2FcpNBjy3GJfDKRDVsizW3AGaIa4AU4IAEv8huo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
651d31f6fd7e4e13-FRA
content-length
43
cf-request-id
0a261d8e5d00004e1363067000000001
PugMaster
image6.pubmatic.com/AdServer/ Frame 94EB 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11737967&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:42 GMT
content-length
0
undefined
fanoticias.com.br/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
32987a3f49b1a655c1a7d1ab59ba8c6b9f464d93d788c19f27e6065ef42f537d

Request headers

:path
/undefined
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
x-litespeed-cache
hit
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261d96f900004e6d48ad7000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AOaqnk18K1pGNvqDNJM5HtEfWYHYErjEbFW5vAf3sHM0Mme%2BxQPuYsyCcmr%2Bd01l5yyGQT3hQhWi0UvP7bJm16iBrq9diOdSTiOEZ2kOUsQuCRxsMRCIv3FKUW5kEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
651d3204cd534e6d-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
praia-da-ilha-de-guriri-90887-article-e1589486173614.jpg
fanoticias.com.br/wp-content/uploads/2020/04/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/wp-content/uploads/2020/04/praia-da-ilha-de-guriri-90887-article-e1589486173614.jpg
Requested by
Host: fanoticias.com.br
URL: https://fanoticias.com.br/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3005a31708b975eae355bbeab662ab86421031c33ee5c08447c7eff8455e9f1f

Request headers

:path
/wp-content/uploads/2020/04/praia-da-ilha-de-guriri-90887-article-e1589486173614.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:48 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
45473
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44372
cf-request-id
0a261d9ddb00004e6d5b885000000001
last-modified
Thu, 14 May 2020 19:56:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l6o49StrcHbdg%2FSOUitRx1K%2BXDsFIhNA%2FvNW0bWrZw4b7qqs%2BXDRiMLvM6XU6yBWJMvCH%2BIgBFhy%2BHxpHz7QZOLeDt7DOl4kBgZ%2FF9aWXKvyfATa1KV0f3V4NBsN4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
651d320fcc334e6d-FRA
expires
Thu, 19 May 2022 05:27:55 GMT
undefined
fanoticias.com.br/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fanoticias.com.br/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8f82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
b3f692c3be84d4d5fafc8d7857dade12a2dca5ed80b68df61635f474676d956d

Request headers

:path
/undefined
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fanoticias.com.br
referer
https://fanoticias.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fanoticias.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:05:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
x-litespeed-cache
hit
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a261dae3f00004e6d778b4000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WzgQ2s9N2l5B%2FVRcs%2Bo0RaWV4aXnwzlKyy7WNp8HxpGI%2F1PqPSQhzQwtx%2F%2FgZdmg%2F4MYrOs0qbHwp4Kt8%2F5FaqCjddf6UwuqQC4scEjV0uDBDgcbfxUxwjzO5E1jLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
651d3229fc864e6d-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
efefd3d0-76cc-11eb-b3bb-ed06f5f0aee2-minified.jpeg
fanoticias.com.br/wp-content/uploads/2021/05/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKT_Ey0lva64amDVKWIKQQAABIwAAAAB&google_cver=1&google_push=AQvitUK6KsQC-Vyv8lq39Ct015jAikwMowaaOLqjm7maCVE7At2aEn9YaCrSOE3jVYMgCpkPp1xXjbX6REjjsy9KdzGK9rdMMXA&google_gid=CAESEJ1kq9JAF6kM9GVFTazOe-4
Domain
fanoticias.com.br
URL
https://fanoticias.com.br/wp-content/uploads/2021/05/efefd3d0-76cc-11eb-b3bb-ed06f5f0aee2-minified.jpeg

Verdicts & Comments Add Verdict or Comment

326 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings function| advanced_ads_ready undefined| $ function| jQuery object| a2a_config object| a2a_localize string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch undefined| timer number| touchduration string| elemtype function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext undefined| e object| vitag object| _taboola object| _plm object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| twemoji object| wp object| a2a number| google_lpabyc object| _VLIOBJ function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS object| observeElementInViewport object| __ object| Mustache function| c function| changeLocation function| searchLocation undefined| __pmxbtn object| TRC object| _tblConsole undefined| msg object| _comscore function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| vlPlayer object| $sf object| googletag undefined| timeout_result function| show_wpcp_message function| hide_message object| lazySizesConfig object| thickboxL10n object| wpBannerizeJavascriptLocalization function| metaslider_1020 function| timer_metaslider_1020 function| metaslider_73652 function| timer_metaslider_73652 function| metaslider_1080 function| timer_metaslider_1080 function| metaslider_4109 function| timer_metaslider_4109 function| metaslider_4114 function| timer_metaslider_4114 function| metaslider_73658 function| timer_metaslider_73658 function| metaslider_73660 function| timer_metaslider_73660 function| metaslider_73662 function| timer_metaslider_73662 function| metaslider_4106 function| timer_metaslider_4106 object| ElementorProFrontendConfig object| elementorFrontendConfig object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| elementorExtrasFrontendConfig function| gtag object| dataLayer object| _mtm object| d object| g object| s string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| WPBannerizeJavascript boolean| isAdminBar boolean| isEditMode object| _photobox object| NiceScroll function| retinajs function| EvEmitter function| imagesLoaded function| addResizeListener function| removeResizeListener function| jQueryBridget function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| getSize function| Outlayer function| Isotope function| Masonry function| Sticky object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper object| elementorFrontend object| regeneratorRuntime function| __tcfapiui function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| lazySizes object| data object| google_tag_manager function| udm_ object| ns_p object| COMSCORE object| imgLoader object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB object| hstpnetwork number| HstpnetworkRegistryLoaded object| axlc object| axll string| adMethodType string| adType string| width string| height object| MatomoTagManager object| supertag object| _paq object| piwikPluginAsyncInit object| _ttprofilescache object| apbjs function| adUnitConfig function| call function| generateId function| refreshBid object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| taboola_div object| contentElement undefined| p undefined| t undefined| n object| gaplugins object| gaData function| apbjsChunk function| JSEncrypt object| ADAGIO boolean| hstpchecker function| BezierClass number| a object| GoogleGcLKhOms object| google_image_requests object| Criteo object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106

12 Cookies

Domain/Path Name / Value
.bet365.de/ Name: pstk
Value: D0B2CE03C3A449E48426A398C950243D000003
.bet365.de/ Name: Affiliates
Value: Code=365_01004919%2f97972630806&prd=Sports
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmuvWJFYnmnquvWV3gpqtANgjaqcEjehBVIAij08f6Ply00kEohjxpys0zONtU
.fanoticias.com.br/ Name: __gads
Value: ID=0a3d22c3be7ec1eb:T=1621425938:S=ALNI_MZJ3Bx3rcAoS_sjx_vdOeaDnwLaiw
fanoticias.com.br/ Name: hstpcount37830
Value: eyJDbGljayI6MCwiQ291bnRlciI6MX0%3D
fanoticias.com.br/ Name: lasttrack37830
Value: 1
.fanoticias.com.br/ Name: _gid
Value: GA1.3.225155915.1621425938
members.bet365.de/ Name: session
Value: processform=0
fanoticias.com.br/ Name: hstpconfig
Value: eyJJRCI6IjcxODY1MDQ5dWk2MGE0ZmYxMjE1NmI1IiwiQ1RSIjoiREUiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjI1NTYwMTE0MDQsIkxhc3RVcGRhdGUiOjE2MjE0MjU5MzgsIm5vY2FjaGUiOnRydWUsImVycm9yIjpmYWxzZSwibGFzdFRyYWNrZXIiOjF9
.fanoticias.com.br/ Name: _gat_gtag_UA_123165538_1
Value: 1
.fanoticias.com.br/ Name: _ga
Value: GA1.3.959573116.1621425936

6 Console Messages

Source Level URL
Text
console-api log URL: https://fanoticias.com.br/wp-content/cache/autoptimize/js/autoptimize_2d9e131344c437ac4e659e289c0daa19.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api error URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://assets.vlitag.com/prebid/default/prebid-v4.38.0.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tag.vlitag.com/v1/1621422868/2350cd5632a214501ea88f6e573a36a5.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js(Line 6)
Message:
TypeError: Cannot read property 'parent' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
analytics.alright.network
ap.lijit.com
assets.vlitag.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
boataxa.com.br
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.a-latam.com
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
clevernt.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
data.gblcdn.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
fanoticias.com.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs-simple.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
loadeu.exelator.com
logs.vlitag.com
lp.clevernetwork.pt
match.adsrvr.org
media.vlitag.com
members.bet365.de
ms.quantumdex.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r4---sn-4g5ednss.googlevideo.com
redirector.googlevideo.com
rtb.openx.net
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sender.clevernt.com
server.gblcdn.com
services.vlitag.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.addtoany.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.e-planning.net
sync.go.sonobi.com
sync.quantumdex.io
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
tag.vlitag.com
tagmanager.alright.network
tags.bluekai.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
ui.clevernt.com
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.krxd.net
widget.twnmm.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
fanoticias.com.br
136.144.59.88
142.250.186.130
143.204.202.123
148.69.64.109
148.69.64.76
151.1.205.165
151.101.114.49
168.119.149.178
178.162.133.149
178.250.2.131
18.198.126.47
18.213.190.7
184.30.20.207
185.184.8.30
185.33.220.244
185.33.221.13
185.64.189.110
185.64.189.115
191.234.177.186
199.232.137.44
2.18.233.180
2.18.234.21
212.82.100.182
213.19.147.44
213.19.147.45
216.52.2.39
23.45.99.241
2600:1f18:6593:f601:8db1:1078:892f:cd87
2606:4700:10::6816:1957
2606:4700:10::6816:47c5
2606:4700:20::681a:b75
2606:4700:20::681a:fee
2606:4700:20::ac43:447b
2606:4700:20::ac43:47f1
2606:4700:3033::ac43:ae4e
2606:4700:3036::6815:5b0c
2606:4700:3036::ac43:8f82
2606:4700::6810:135e
2606:4700::6810:a723
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:6b::9
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c0a::9b
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:1b7::3015
2a02:fa8:8806:12::1400
2a03:2880:f045:10:face:b00c:0:3
2a04:4e42:1b::621
2a05:d018:24:b002:ebbe:4057:3491:6f67
3.126.56.137
34.227.165.14
34.251.130.56
34.98.67.61
35.156.153.71
35.157.246.167
35.186.253.211
35.201.81.244
35.227.248.159
35.241.40.233
37.157.6.245
46.249.52.249
5.178.65.245
5.178.65.246
51.38.120.206
52.29.225.117
52.94.232.32
52.95.116.38
54.194.220.26
54.194.38.108
54.74.77.155
54.80.104.134
67.202.110.22
69.173.144.138
76.223.111.131
79.137.69.91
81.94.208.229
85.114.159.118
88.212.252.2
89.163.159.103
99.86.242.109
00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b
00fc655c4fbe724eb6a21f2eec916c44ce1063336946ab80c3245837eeee4a46
01fcf3678a1a7bcaa7f42a4d11e730564af8f7d4679e97062ee3c2a3d9fff76e
02a64f065603f6fe38e068962ffce1258abeeaa4349e0118c18674986ffedf2e
0582d27af836625c5871920672243de7d6c844abbfdca6a5724e737af60331d3
069263852d3d075ebde3aa93ad4594786a421a34ed4ce34ee97b82223310591a
069eb34a4483be9e4ea6c914341efd9eb4a4e134ec9f84bfe66d5e4f48c348c6
088afe59318aff9a0806ddc7fa7e34df8d698a4b815a9d9aecae08bf6ac34bcf
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
097291912cd948e5080208b8d6bf1017637e73f58e1ad8e91add158a15ce1911
0aa69f31e14a882850b488bf4d97d7c8436a2713994a15b687c47ecc46b2ccbe
0b18a9c761ce71c32b85c5bdb20926b8e765eaaf1872dd66aa618a3c91fdda1e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baf9ab3059e9d198b54fac80a927d5ba1ded8181f9f69ebf0f5148e6b7a8dbc
0c4fbf935c85cbd4761e6f097bc8b518fe2f7bb81964a74ff4fb43d5c6ccb174
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c9b38606882f7e7c39e61e43872f9470fbcfe1e6c953751163cd3ef77d00f15
0d8bd09375c1603f2ad27edbebb81213cadd916284a0153b9a6ddbda70b7c173
0dc1064937dcaf06127773791513ab955c36f8ccf193e30d396d952e5d886e8a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edd3a085049f98afd0d87c293dba1028b8ec1b0215b7d80904a1df5cd588604
1020bff11a24b55c54d526e49c591facd63a2ff5d4ea00257f668f48fc1a6464
1296b8f3c535888c26a2d8cebda448e7d1a50614359f0804ae288c2255ea3a44
130e9fb3cd76abd6c115ed704cdb64c674a8ec01c20bfffa8103107e6431760b
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
159bc53bd14f1ff458cc56b823ca81e6763898a8110dc1d2ec61fcf796d45fe6
162a1d19fcc53194a195aacf489c63282315a7c06167a2cec1faf9fe5c410f57
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a3d445d1c775ee2c89495de105befb26b121f78268b99a714b17905cf61efa1
1b12c97fd08fd98739411e680189f688e4d0875d7eb0de9b1f578a71a196200d
1b94d470855dbaa0dd9f417ad8099be1d21570cd5be2ee91d8bd83c415f8c619
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1be907008e9731e1fd327df6d0b8be257dfe6f254a515e2efe1089966dd43a9f
1cf7646053beb7109622cacdca1a4187874110e1125b0a36aeb055e228ec0cd0
1da03e2eee9c1824cb4fe74d566765da5539eca8eff043474c95792ea972cf49
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1de60c76e1a53144c91b1bf9939ad41612946913919fa3c696b0a5b68eae1668
1e407f53c0f05d94016fde816a2825dcab95e7c123f6fe6251bd027aa27ff5cc
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20e2ea667cd0668fa5f1a0f428d536f98b39480026872ea67317f4835b842691
21763f80a055a36df0f4a4ccb6ce77a5eb1e42e9439369735eed43a5b881c3fc
224275a1bcb0e57d66faefa77097655bdb826acf5f9068ce10bd26d0dc058db8
2288bb9ff450f34880c3bb7ce90573991fd0cd203e0d255db3ca5e4bf71cb983
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2662771b1002a1da92489f39945962fd27176281d7abfb0760776e8e5de86276
270bfba45a3e28d621636fd4002d05a899876d3f3146e09846740b9a1947ff84
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b0ee9740fe2a3a1505cba311360294da26f1b3defe1411049e449c66d556656
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f3497390085aa40385402f6a26da4fe771c8b63ab4caf5a5be0033794c181db
2f921135f861a0a69c7d0d4088204f7f516292c004a071500a3cbb0cab6b63d6
3005a31708b975eae355bbeab662ab86421031c33ee5c08447c7eff8455e9f1f
32987a3f49b1a655c1a7d1ab59ba8c6b9f464d93d788c19f27e6065ef42f537d
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
337c7cc9a470395578f82650650217a36806e0ba915ff68ed7dcc29d634d6d08
3394c78482e6861bf2cabff42cc6251d6c54e21b9d59984e4a60494cdb9acab7
3554551e5cd89de16798cc97d6fb966a819b0d2f49cf861ae1839ea920c0adcb
3755df92a02bde3eeb6ff4df4b81a53e57dac4d7ec33e95510701ec257c524b7
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3b0ae1b4de4e1a3990ef190912ed901c3aaccf5b28ed989d2dbb530f78d9ae7e
3cd95832ad2f08ef7ee9822ec8de58f6fe437388522cd14f537013b33e2670f5
3dc487653e3b7ed08f179320f35aa912a64df7a802e285ed787fc7701df5f0ca
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
447c82cf6c20337710efc9e79f9cd5c380af56168eb75de48b5586fb48ea5746
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
473814c52cc6b89518197a7d3d1bdb0f4fcbb51de675de9354425b2fa0a46d74
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
482871cfb47bca9e7cf09f35e72d76cbd4fe08b2a64a2438f0784bdc9a2f3534
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49e215b5917fbfe4660c4c2d98bb1f6b6dac17a3922bb69c8041de558ae2f7ab
4a144ada9063b8afc0f9a1e4cbdc006ae501ee6a3105bfdf93a3154f0511881b
4a1c38f6eab1e438eaf21766b57f24a85cf6df86976835a0131e19734b0d7e75
4a3fa995039579e0ecb5ee278f9bad4dca2b2f4fa34ddefd7c12e17e14fa018e
4b2c612c3d53f956c0ee9b3602e3156b19dca69bc649ff65e399a4623eacaf69
4ba63d56155852788e87b72babd7823b9bfdd6b59fda3319fc8f8ffb1d8248e6
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
4bf575c9e9ec4a789a541e5a278fe9a62e5a1f39f8e41126f7466cc24248fddb
4f488ba69b34a8b4d924f46e58cbbe62ad1031ee74af785d328ccb54c4cd9b5f
4f8ba4e908359ddebb8f7f4d8d82c966d902e6400072afaca01b9823c9a9eca7
4f8ba50a22b6e1aff20bc45bcd17ca9f14f614c41c272079794f001651b9e5a9
4fb6c47e1fdde051c92fa74b8e674ca28793be2f2ff5f3127f14352039780685
50e4ac3e6c52a1e7842b6aaf0394b3f7644fa029a3bcac72b9a851e3526422b5
52e1a89fbb5cdc36f3cab71a8c20a7848297de636813c87a813886e655856e3a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549fb5e8a772f335af45b9d36a09ac247e7cabe02aca2113325a01ccc90cd99d
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3
5555ec1375f73bdb2d5df071a8dfb3d54d5f5081b10a5ac573e53fede97aea49
55bb782d1a26d2dc04bc4af223567ff5bc19be8285b1dd341cc16aa1510e6fa5
56833bc19d3aa167cfa595b12fa72c80c5d69df7a4f97c1d716f5d57a5df053b
584100f5da4edabe59cbfd3c721f68a2cc30f6ab2b8eb2446b5e0f5086877d62
58694600a9bb19ab424e8752ab649f1365563963d2541becd627f15045a107aa
5c110f0f08f15da4620ba7b73c82c322f8c1e60b4e8c73f0c83b3b37e1146b85
5c98a279d2255495e665fc218c2065eacedbfb2309758ae8a2756f3293727ef2
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f0f29617ee6bf6f6ee3f130cba5e030cc64ad2bc2bb6029b80220d147a9920e
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
603fb5aed939edf2f9c0802649d64d40cb741666d3574e0a4630a3f573639ded
61580f56333599c6881cbac27e409c0447a7a18893eb9a1b9c179e0e4d334ae4
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
6521053904ab8682233f53aa189827cbdcc1a727babbf966bcee3c72b6ef6d96
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6a5ac676188c3dabe890da781ad329424f4ee810c662bbe3c124e6fbc4d0d223
6cd5f6be81d958c7be53e04f15aa5f3fc0a975fcbf2b3c2ff3cb006316e8969b
6de22e7410801e46a717cbc8e490111cf960a8a979a626eb374a5a87eefe7f7a
6f5227f9b5c341800315f8a328882c603d482e95aa4a0dc1078778c0f5120a70
70d88c005d3f5a42b8c7fb276af0fbecbe46d85160a5b884a560246e699534d8
71d301b463e71e84985c4d34006b061e355bda2cd86c19007a4a4745bf432a89
72e0db94a33fa3b0d58d372d9cf0ed3c54ee5ac42a0bd452cb18a997eeb68996
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74c89869a0e6ac8619c81f05c6ad78476145c8e3be8ac08b1ec4d09d5cfb5663
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
78ae234eeeb10e49b6fd8192b9467f49c0cc2c28501d1676f6444d07d90d2336
78e325e97f9de9db7f25b1ea745a5b23f51527a33e070d10cc156862038981ad
79edf9c146cb3af492cc7c407d03c67cc0f4a48723f8e6deb674cedeb1446f7b
7aeb001ec6485f91d537154312a1be5a1ce97a504f8c0964163d9fa9fab4739e
7c15e1be5a52da7143f66c90f1fbec57311b424213d7f5817787886d121be607
81e6034ed1887a02449e6ca19288309f0e17845e3d3bef2a4fd405672f7d01f7
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8351bb1f6e02aea189de2844c72a5f6d6b5726354d9005d884a7763207e0467a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89a979f9f9c8408f52c9390b1533ef41ca0e8f2541b02abdb56bf7386475a4a0
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8
91b124c019737f78c7db72349e6942d33147425ceb4ed59d471c0161396cdc90
9306496bf58d656b69646c17aaeb52bbb0dc619ee68c47c9735a8f336ad5fc72
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
94e37f1a24a682b88f0212e2514f7e4cd3a2601342aaf332de8dc39ef544c44e
97760daee121e195a484cd4b8625c46c217fe4939f1e552b640a37cbe1908d9e
9932e25850e1dd733e2e35578fe40de2c237c3786088ea3ec8fc45b5cb116726
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c513eec67ecc7220fb8aeed063c869a5baa885f86ab1110f287c901c340e49a
9d6377be8991156843f8b21169d53e6c5fa2250e478cc5e8c7016311cae134b8
9d94dd33376cb72c46adf34ec182798c1c0374cd6547f891bbe7b0b1316190e0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a173d1d5146e1ec20f72e4a90be0a236e5b5fc87ce8d48cd012f6885fdd18826
a1b6b15645987e1fdcbb99f4bc155dd682c0a9c21d54535b105d0301061274b7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a9f17753317b1c8fcaca26672d6411901c6f9424a3dc59e78c3c4e07d9179990
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab1064bf7d9d526d404e73785459e8243b916d06f3b9552d3b34a05f12598b05
ab70d87e0d9568a827b4e2003b1de9858112f12bfd88f15cf14487d698a23889
abc8c0ad14ee6a96b21b078a0f679e255a761799e500d2c207f63907c93eb808
ac42fb5f97fc83828338609d785d23b7a9ad79ede0128f9be8f8bc373e6cb232
ad0c5424009a5393dc482a84f05551e07219e48ed2e8ed529b45f148d98238b6
ad346d3ec39d7709cc170da7b5df6f0ed2f17c9589653f2320f0cf7b0936c094
ae1fec865e0ea2a92e64d51f8243d3e9bec4ae515bd99e7c47ab2a1c0ceaaa24
ae819b1c23dcde756f190f8e02b3327d347481f48bc916e45a726ccfa199ab71
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2613c7b549ecfceb5ee5a4fc18f4fba09c8fc3511d0fd4f351f0a2a31be7dae
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b3f692c3be84d4d5fafc8d7857dade12a2dca5ed80b68df61635f474676d956d
b462abc06bba650ec1cc71a4cef9200d9f2814cca4813a439847e7bc26b4dc24
b5ed0ea5ae2d150352120293b163c96db03e32d02f657a587ad7136724dd2a7f
b8f8a5242aff9d5de377d6ca48d8d2e247a9349d00d20796a4b75476a6219cf9
b8fa8e0cd5567e7a9cb5032d43a82937aa315e56c92dbc5258c2c789b88af41d
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb86e99f95362d37db276a4ec9e8e2d80ef029698afb799effc6b51b82caab87
bbbe34dd70398d8f103f7cc2bcde074af967514cc29a07fd1d44aa0cf5a6fd0e
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bcf03e24ed6e80a542ebcfa4deaaa304adf64e9c06f3d4fbff5d163583a032e7
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bea8ca18fc59dd9efc69075b87febbe8dfd2a4819e600cd6fd9b5da0df604e44
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3920fc482a5a9c9475bb565a427b90078c3e4c9139c739d9f038cddbb8ffd02
c42ff9028fa01f4a4abd11e34da17368cd953c3338aca105b509c4c4af5d24f2
c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6961a4d4296ec402fe593fad1dc613d2a4afe369e19b245a1139e8addeef035
c9cd38f8251a4b7a1fd4a2b828e9852019c1192c7ab1d9403f084a5210f92a6a
cc18bde3e6c6fba7d105e1f56cb62a9107851cea097c2b06e94814eb8b75d5d7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd8cf3a3e3aa056a375fe2d58ea489e037f247c6d58878ce2878d813f42eecb3
d2021b2cbb32a64258e8377cc32b5fcc01f084db2e2ad385dd7860455740587d
d2379a3ca941a276fb7d70b444aeb951d937949b5e4a646ee6c0d29e8d5c8478
d2b38243694b8be1e3b1d708f9acfd713239bb31d8f0bb8984ca24ab9d659abf
d5ae444028465a2877ea89a286451475907b0d8128ec0d531f965a9b0f52bbe3
d5f9e7b1b87a49292e49bb75ee490da3196b05e4d415ed8d338cd87f23011a8b
d82367742a789f0618bd00083354a3df851fc894683e6a94e41123268ee99254
da2fd9306cdcb8f49667957267a941057922bb061676c4a14679db5e51765eea
dbc821b1c32c25f720eff3c45a5a68fcf0db58914017a17b7bec1d06c2a913ca
dbeb241324f4c3e889518c86ec74c1f6f634fff0c6f23f8c5af28273b8f31112
dd8d1b890d2d143f8fa3a5ce5e02bbc0d2c9a0da2ce3f7fa20faf0aa7e5d775e
ddbe53fbdf228359ca0cbce287c93bd5d381dc271605ae88635204eec016aa98
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9c1bdd9a67ad5c9b44cb2b0905eab71f1c2d5f86714986df0b029b366eee6c
e0051e32db495eed4ed334f41e354e063d745657d1005a6febcc221243e42db9
e1284ef4a85cb3f774c725529f31cdc352dcf9ed86fec86f96e7857114916f93
e164b18bde0c8cb2d5b27728b03406fccd9e02b6a8ea597f726d003b6db7eb2f
e2245f0305b6ce66d66185be518d9ae8e08a9420af659a23e320deac6322bad6
e2731e8e846dd5b037a2202bc51ba1bce5484b8cd9a587cbb5d95ad3ec21aee7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e619cfac29f011b44e5d22213d610d0250f9005e0825d032751d9425cc4661e5
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d
eb37cd504679e0fc84cc45016785ab137ea988b75aa66e613a6464ea92c8cfd6
ebdb2a9839cc6fbf9a05e4282c7d6e7a965f0165a7c84909d9770c1028a1ce8c
ed272112903352b6bac93cc709a621260da791c301dd1eef6329e746f4bc4a73
ee48b40f66332ec2d71d33eb87e1774fbd991ef4c0ccccfff1f2797665fbd5a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f17620e798b09ae5e2cae76174462eba8b624ad9e5afaa8fa95179e206882412
f2a1556f46dd5fb47e721878c2bd00b221ba07e8c6c2ee13a11c61f39e49dfeb
f3d90d234ea06c48fc66c82e4539a5f76cd9a47d164f3910862de09cbcfd66b7
f49e5eccbf420949ddb76cfa2ca1430c8f733b06fb2a35d8fed1182b41613530
f5c6d77212d793cded6797c785fd9467cdabc43953640a23b35024d73d8c460b
f5e3a2c67fa809ff28e25a52dfa078a0b3bb3f7431a564c64d88f3dd1ee5ca62
f6a9a61bb2ac12c4130402b87a346b73573adcf7347a8f834d70ba1a2e869a78
f6bdc4b3d76b6e1b1759028d6592a76ae8976e94b1944a08533060ae64e371a4
f84424b8104a7304c4aa1d0709ed7fbefb8080ae51d58cc56ce671f191dfbc84
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
fad8d35c6c1b215f2c322830a593b402bebeb4d7d960ae0c251b1495e684b48e
fb705fdef3a8d1c5f2619dad9356270f039c8f35861899bf7996701f950a90e0
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ff19b214b0a4bda8981bdd1ba22df7bb8e22f4e5a07c041d09df004332806f95