www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:2190:da00:6:45ad:3580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Effective URL:
https://www.gazetadopovo.com.br/login.php/
Submission Tags: krdprod
Submission: On August 04 via api (August 4th 2021, 6:03:43 pm UTC) from JP

Summary HTTP 136 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 32 domains to perform 136 HTTP transactions. The main IP is 2600:9000:2190:da00:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.

This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	40.81.121.140 40.81.121.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e9b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 20	2600:9000:219... 2600:9000:2190:da00:6:45ad:3580:93a1	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:442e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:c0b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	178.63.12.208 178.63.12.208	24940 (HETZNER-AS) (HETZNER-AS)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3 7	13.224.96.92 13.224.96.92	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.225.84.2 13.225.84.2	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	13.224.193.58 13.224.193.58	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	13.225.87.59 13.225.87.59	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:219... 2600:9000:2190:e000:13:9bf5:7100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
9	2600:9000:20e... 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:e000:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
1	2804:49c:3104... 2804:49c:3104:401:ffff:ffff:ffff:34	15201 (Universo ...) (Universo Online S.A.)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:f000:1d:7626:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.21.180.34 23.21.180.34	14618 (AMAZON-AES) (AMAZON-AES)
136	41

1 40.81.121.140 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gazetadopovo.com.br.us3.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e9b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2190:da00:6:45ad:3580:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:442e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:c0b6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.12.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de716.cxense.com

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.96.92 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-92.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-2.fra2.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-58.fra2.r.cloudfront.net

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.87.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-59.fra2.r.cloudfront.net

events-api.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2190:e000:13:9bf5:7100:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.semprefamilia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:e000:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3104:401:ffff:ffff:ffff:34 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:f000:1d:7626:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.umdoisesportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.21.180.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

100026685.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	gazetadopovo.com.br 1 redirects www.gazetadopovo.com.br events-api.gazetadopovo.com.br	296 KB
19	google.com www.google.com news.google.com play.google.com	68 KB
10	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	98 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	228 KB
8	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	142 KB
7	scorecardresearch.com 3 redirects sb.scorecardresearch.com	8 KB
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	3 KB
6	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com api-v3.tinypass.com	143 KB
6	google-analytics.com www.google-analytics.com	40 KB
5	google.de www.google.de	820 B
4	uol.com.br tm.uol.com.br tracker.bt.uol.com.br	3 KB
4	semprefamilia.com.br www.semprefamilia.com.br	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	facebook.com www.facebook.com	263 B
3	azureedge.net mcasproxy.azureedge.net	42 KB
2	igodigital.com 100026685.collect.igodigital.com nova.collect.igodigital.com	3 KB
2	umdoisesportes.com.br www.umdoisesportes.com.br	1 KB
2	amazonaws.com 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	882 B
2	facebook.net connect.facebook.net	97 KB
2	cxense.com scdn.cxense.com comcluster.cxense.com	28 KB
1	twitter.com analytics.twitter.com	659 B
1	t.co t.co	454 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	409 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	67 KB
1	npttech.com www.npttech.com	3 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	privacytools.com.br cdn.privacytools.com.br	3 KB
1	googleapis.com fonts.googleapis.com	959 B
1	cas.ms www.gazetadopovo.com.br.us3.cas.ms	847 B
136	32

	Domain	Requested by
20	www.gazetadopovo.com.br	1 redirects www.gazetadopovo.com.br
9	tm.jsuol.com.br	www.gazetadopovo.com.br tm.jsuol.com.br tm.uol.com.br www.gazetadopovo.com.br.us3.cas.ms
7	play.google.com	www.gstatic.com
7	news.google.com	www.gazetadopovo.com.br news.google.com www.gstatic.com
7	sb.scorecardresearch.com	3 redirects www.gazetadopovo.com.br.us3.cas.ms www.gazetadopovo.com.br
6	events-api.gazetadopovo.com.br	www.gazetadopovo.com.br
6	fonts.gstatic.com	fonts.googleapis.com news.google.com
6	www.google-analytics.com	www.gazetadopovo.com.br www.google-analytics.com me.jsuol.com.br
5	www.google.de	www.gazetadopovo.com.br
5	www.google.com	www.gazetadopovo.com.br
4	www.semprefamilia.com.br	www.gazetadopovo.com.br
4	www.gstatic.com	news.google.com www.gstatic.com
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	tm.uol.com.br	tm.jsuol.com.br www.gazetadopovo.com.br.us3.cas.ms
3	www.facebook.com	www.gazetadopovo.com.br connect.facebook.net
3	stats.g.doubleclick.net	www.google-analytics.com
3	experience.tinypass.com	www.gazetadopovo.com.br cdn.tinypass.com
3	securepubads.g.doubleclick.net	www.gazetadopovo.com.br securepubads.g.doubleclick.net
3	mcasproxy.azureedge.net	www.gazetadopovo.com.br.us3.cas.ms mcasproxy.azureedge.net
2	www.umdoisesportes.com.br	www.gazetadopovo.com.br
2	b.t.tailtarget.com	tm.jsuol.com.br
2	3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	www.gazetadopovo.com.br
2	googleads.g.doubleclick.net	www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	www.gazetadopovo.com.br.us3.cas.ms connect.facebook.net
1	t.tailtarget.com
1	nova.collect.igodigital.com
1	100026685.collect.igodigital.com	www.gazetadopovo.com.br
1	tracker.bt.uol.com.br	www.gazetadopovo.com.br.us3.cas.ms
1	me.jsuol.com.br	tm.jsuol.com.br
1	analytics.twitter.com	static.ads-twitter.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	t.co	www.gazetadopovo.com.br
1	buy.tinypass.com	cdn.tinypass.com
1	px4.ads.linkedin.com	www.gazetadopovo.com.br
1	www.linkedin.com	1 redirects
1	cdn.tinypass.com	experience.tinypass.com
1	static.ads-twitter.com	www.gazetadopovo.com.br.us3.cas.ms
1	d335luupugsy2.cloudfront.net	www.gazetadopovo.com.br.us3.cas.ms
1	snap.licdn.com	www.gazetadopovo.com.br.us3.cas.ms
1	www.googleadservices.com	www.googletagmanager.com
1	comcluster.cxense.com	www.gazetadopovo.com.br
1	www.googletagmanager.com	www.gazetadopovo.com.br
1	scdn.cxense.com	www.gazetadopovo.com.br
1	www.npttech.com	www.gazetadopovo.com.br
1	cdn.onesignal.com	www.gazetadopovo.com.br
1	cdn.privacytools.com.br	www.gazetadopovo.com.br
1	fonts.googleapis.com	www.gazetadopovo.com.br
1	www.gazetadopovo.com.br.us3.cas.ms
136	49

This site contains links to these domains. Also see Links.

Domain
assinaturas.gazetadopovo.com.br
conta.gazetadopovo.com.br
clube.gazetadopovo.com.br
especiais.gazetadopovo.com.br
www.semprefamilia.com.br
www.umdoisesportes.com.br
pt-br.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
guia.gazetadopovo.com.br
gazetadopovojornais.com.br
www.grpcom.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 06	`2021-08-04` - `2022-07-30`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.gazetadopovo.com.br Amazon	`2020-12-23` - `2022-01-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
semprefamilia.com.br Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
*.umdoisesportes.com.br Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh
*.collect.igodigital.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-02-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.gazetadopovo.com.br/login.php/
Frame ID: 3FF9FF51EAB7C95FA7CB21AAC1E178AD
Requests: 106 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Frame ID: E40B5C5055B924D4E932A32686D8AAA2
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250
Frame ID: C434B82EB41C491EDB49F71A99C70977
Requests: 12 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 058D7C50828E3D658489921485ECE453
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 68E87B46927A7F673C9A371B90326698
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: DDBB4FAD2AF5805BEEDC997EF243EF74
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.gazetadopovo.com.br.us3.cas.ms/login.php Page URL
https://www.gazetadopovo.com.br/login.php HTTP 301
https://www.gazetadopovo.com.br/login.php/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

136
Requests

100 %
HTTPS

67 %
IPv6

32
Domains

49
Subdomains

41
IPs

6
Countries

1300 kB
Transfer

3964 kB
Size

0
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-internas-gazeta
Title: assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/login?referrer=https://www.gazetadopovo.com.br/login.php
Title: Entrar

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar/
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/
Title: Clube Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/painel-das-privatizacoes/?ref=explore
Title: Privatizações

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/reforma-tributaria/?ref=explore
Title: Reforma tributária

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/?ref=explore
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/?ref=explore
Title: Saúde

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/?ref=explore
Title: Virtudes e Valores

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/educacao-dos-filhos/?ref=explore
Title: Educação dos filhos

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/previsao-do-tempo/?ref=explore
Title: Previsão do Tempo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/filmes/?ref=explore
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/?ref=explore
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/?ref=explore
Title: Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/?ref=explore
Title: Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/?ref=explore
Title: Paraná Clube

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/podcasts/?ref=explore
Title: Podcast DoisUm

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/?ref=explore
Title: Mauro Cezar Pereira

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/?ref=explore
Title: Augusto Mafuz

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/?ref=explore
Title: Carneiro Neto

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/?ref=explore
Title: André Barcinski

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-pugliesi/?ref=explore
Title: André Pugliesi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/jones-rossi/?ref=explore
Title: Jones Rossi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/brasileiro-serie-a/2021/?ref=explore
Title: Brasileirão Série A

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/brasileiro-serie-b/2021/?ref=explore
Title: Brasileirão Série B

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/copa-libertadores/2021/?ref=explore
Title: Libertadores

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/dicas-do-cartola/?ref=explore
Title: Dicas do Cartola

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/olimpiadas/?ref=explore
Title: Olimpíadas Tóquio 2021

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/guilherme-cunha-pereira-etica/?ref=explore
Title: Guilherme Cunha Pereira: Ética

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/filipe-figueiredo-joe-biden-relacoes-com-brasil-e-mundo/?ref=explore
Title: Filipe Figueiredo: Joe Biden

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/defesa-da-democracia-francisco-razzo/?ref=explore
Title: Francisco Razzo: Defesa da Democracia

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/paulo-cruz-religiao-politica/?ref=explore
Title: Paulo Cruz: Religião e Política

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/?ref=explore
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/?ref=explore
Title: 100 Anos da Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/pesquisas-de-aprovacao/?ref=explore
Title: Pesquisas de aprovação

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/?ref=explore
Title: Todos os especiais

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/dentro-da-lei/?ref=explore
Title: Dentro da Lei

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes-editoriais-gazeta-povo-resumo/?ref=explore
Title: Em Resumo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes/?ref=explore
Title: Em Vídeo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/noticias/?ref=explore
Title: Notícias do Clube

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/parceiros/?ref=explore
Title: Descontos do Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/cartao-virtual/?ref=explore
Title: Aplicativo Clube

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/premium/?ref=explore
Title: Conheça o Premium

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro?ref=explore
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/minha-assinatura?ref=explore
Title: Minha Assinatura

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/?ref=explore
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://twitter.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gazeta-do-povo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://guia.gazetadopovo.com.br/
Title: » Guia + Clube

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/por-que-assinar/
Title: Conheça a Gazeta

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/about-gazeta-do-povo/
Title: about Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-rodape-gazeta
Title: Assine

Search URL Search Domain Scan URL

URL: http://gazetadopovojornais.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: http://www.grpcom.com.br/junte-se-a-nos/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazetadopovo.com.br.us3.cas.ms/login.php Page URL
https://www.gazetadopovo.com.br/login.php HTTP 301
https://www.gazetadopovo.com.br/login.php/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1628100205527%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br%252Flogin.php%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQKgjGzx4WyLygAAAXsSVZ8OMob_2gqDF2oNrDI8hwSWKmqupNgEGTlW7rDFDkDiopM5YEd9

Request Chain 53

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100205722&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100205722&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F

Request Chain 127

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 132

https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1628100207749&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1628100207749&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 login.php Show response
www.gazetadopovo.com.br.us3.cas.ms/ 1 KB
847 B 484ms
33ms Document
text/html 40.81.121.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazetadopovo.com.br.us3.cas.ms/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.81.121.140 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

73698026d281acc624d216dbe0764fb1a112445a968f117ebeb7b5b838dc0b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.gazetadopovo.com.br.us3.cas.ms
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Wed, 04 Aug 2021 18:03:24 GMT
x-mcas-request-id: 0747606a245e3c18058a1994e32567c6
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
pragma: no-cache
expires: Mon, 01-Jan-1990 00:00:00 GMT
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.3.24/js/ 5 KB
5 KB 38ms
24ms Script
application/javascript 2a02:26f0:1700:d::1737:6e9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/js/session-context-store-helper.min.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Referer: https://www.gazetadopovo.com.br.us3.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 04 Aug 2021 18:03:24 GMT
last-modified: Wed, 04 Aug 2021 07:17:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PLOXavfa2pddds7xHBr81w==
etag: 0x8D95717E6041C3F
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67a67af-a01e-00f6-540d-8973c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31502797
x-ms-version: 2009-09-19
content-length: 5084

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.3.24/html/ Frame E40B 281 B
729 B 13ms
13ms Document
text/html 2a02:26f0:1700:d::1737:6e9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br.us3.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.us3.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Wed, 04 Aug 2021 07:18:01 GMT
etag: 0x8D95717FE9A6378
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1825ea4c-201e-0009-480d-894e5a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31502767
date: Wed, 04 Aug 2021 18:03:24 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.3.24/js/ Frame E40B 36 KB
36 KB 14ms
14ms Script
application/javascript 2a02:26f0:1700:d::1737:6e9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/1.3.24/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 04 Aug 2021 18:03:25 GMT
last-modified: Wed, 04 Aug 2021 07:17:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: d0ja3c44qO7D3vm2nqObfQ==
etag: 0x8D95717E6200DC3
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d67a69f2-a01e-00f6-630d-8973c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31502765
x-ms-version: 2009-09-19
content-length: 36521

GET
H2

404

Primary Request / Show response
www.gazetadopovo.com.br/login.php/
Redirect Chain

https://www.gazetadopovo.com.br/login.php?
https://www.gazetadopovo.com.br/login.php/

188 KB
33 KB

33ms
32ms

Document
text/html

2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 9c57b4195a9511416da7d06f703db7696145bfb9acb4904383f3725dd6208457

Request headers

:method: GET
:authority: www.gazetadopovo.com.br
:scheme: https
:path: /login.php/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gazetadopovo.com.br.us3.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.us3.cas.ms/

Response headers

content-type: text/html;charset=UTF-8
date: Wed, 04 Aug 2021 18:01:04 GMT
x-amzn-requestid: e7d3688b-3147-4ad9-8aa2-7d7c4cbb6625
x-amzn-remapped-connection: close
x-amz-apigw-id: DjZbIFZ8IAMFZyw=
cache-control: max-age=600
x-powered-by: Express
x-amzn-trace-id: Root=1-610ad5e0-33bf58c10a75f74338dc3589;Sampled=1
x-amzn-remapped-date: Wed, 04 Aug 2021 18:01:04 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront), 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1 ZRH50-C1
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
x-amz-cf-id: JoIq0vyi-bcYVCL8ZT_g_uDVQ_tb0wPEg5jRAE1diR3YJ66foH1u5Q==
age: 141

Redirect headers

content-length: 0
server: CloudFront
date: Wed, 04 Aug 2021 18:01:04 GMT
location: /login.php/
x-cache: Hit from cloudfront
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: sG91rNqwCZWz0mSnjfCofct5BPMPaf5ue02CxmFcLxlddBzWcKpi9g==
age: 141

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 124ms
38ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

9761ffdfaabec51f7265f41428ff8cde47c3a82a3a9630862e055b7ebd39eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "949 / 736 of 1000 / last-modified: 1628076948"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24818
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
959 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 18:03:25 GMT
server: ESF
date: Wed, 04 Aug 2021 18:03:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Aug 2021 18:03:25 GMT

GET
H2 200 e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
3 KB 50ms
35ms Stylesheet
text/css 2606:4700:20::ac43:442e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:442e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1045030
cf-polished: status=cannot_optimize
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2OoJ7c%2BmWUR4LrAt5NSaOxtJ0%2BrG4W1UlqiV0Rhzdo02dKpIv%2BKNJwGCjbvCupncSn%2FZc0V5EWm88RcSQ%2FPa49N%2B1rePEJcxy4RCk50PhHi4qeq0kuk7t9sX2G%2FxQhXydR%2FytUpyAId7fvtIGZYAtdHlva%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6799b3ca5c632b7d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
www.gazetadopovo.com.br/assets2/ 145 KB
19 KB 24ms
23ms Stylesheet
text/css 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7749a7cd38d6c818181e5ec08c8d90b099454ff1cf8a43e056eff4f343c8a348

Request headers

:path: /assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:54:13 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:35 GMT
server: AmazonS3
age: 83353
etag: W/"639e72473d2d53390e1ef688247c4daf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: text/css
x-amz-cf-id: MN1_h5pmzYdB8sWovZhT-yzGYxTTEZ-5IH0Y4ouk2lzYJYSTC_Afug==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 43ms
15ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2124
etag: W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6799b3caaa7d4e61-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Sat, 07 Aug 2021 18:03:25 GMT

GET
H2 200 gazeta-fallback.svg
www.gazetadopovo.com.br/assets2/images/svg/ 167 B
540 B 18ms
14ms Image
image/svg+xml 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets2/images/svg/gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e275872784212de73a7a1b0385a96c63311aa5f67cbad7b654b813fa18f5408

Request headers

:path: /assets2/images/svg/gazeta-fallback.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:31:53 GMT
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jul 2021 13:33:22 GMT
server: AmazonS3
age: 2413893
etag: "4d2a859dcd5d33e2c902077c53a4d468"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 167
x-amz-cf-id: nqAdhWcfoaw73FKbxFckC7N-MWrEjIRzNZNKI-CJPkG1odjop8kkvQ==

GET
H2 200 google-3.2.2.js Show response
www.gazetadopovo.com.br/assets/legacy/swg/ 114 KB
38 KB 18ms
15ms Script
text/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

:path: /assets/legacy/swg/google-3.2.2.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 01:01:22 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 20:50:04 GMT
server: AmazonS3
age: 8787723
etag: W/"9c302f91fb353b7f558cbda7922e6da1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: text/javascript; charset=UTF-8
x-amz-cf-id: M21-AlnUGn8Uf5tOcj0nQ8Gjhffn6jcC4TbCzMTIxAjHM9sqR_xwUg==

GET
H2 200 initial-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 279 KB
92 KB 24ms
21ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/initial-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84c30a59a914fdcdbbe927861e998a8015ac565e2df0cbff708bccea1ac80347

Request headers

:path: /assets2/initial-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:08 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:59 GMT
server: AmazonS3
age: 83538
etag: W/"df4171c9f678d83648a280efa8651c9a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: btE3XllAcUcxV-K-9qb7APxA20D5OLK2etp0WTe1p4OCFWVLCSU-Bw==

GET
H2 200 gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 4 KB
2 KB 18ms
15ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 740fbabd0511aa9be95dea5dccbc3bb04325f5cf98b849a3586038a3a654c9be

Request headers

:path: /assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:08 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:30 GMT
server: AmazonS3
age: 83537
etag: W/"aea3e719028a48e482baa2d5d32f1f2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: iTdvC1-sGEfORtk1l_1sV2izJ4ekOPgVrtl53AdJsd6Eaa0Fwbos3g==

GET
H2 200 gazetadopovo-statistics-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 15 KB
5 KB 19ms
16ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-statistics-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f3f434e7a8458ef0f1e9ebbb6d18c6c42a36c86073ea1fc3ec7347b663dcd95

Request headers

:path: /assets2/gazetadopovo-statistics-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:08 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:37 GMT
server: AmazonS3
age: 83537
etag: W/"4310df519d15a036960760b05e068922"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: kHdEeeUQEHl07xcTbW48xtxzEwE9QLGbH6sstUUcUp9AmONK__pFcg==

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 41ms
25ms Script
application/javascript 2606:4700:3032::ac43:c0b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5622
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MY9S0PJDNWKA0N4N
x-amz-id-2: u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34e00X7IcOiVvWy1E9R5UNmF0iE%2B6EIRwmW2Y52oWdMGNfgBus9dgC8Cm8bUEtDzsLUKPp5jIh5Ft%2B%2FjO00wcs2Um3SJabzLBR39Nt34Cgy%2BNe%2FN65hsokKgYamvaNcxd8vRKNF1MhoMMVr7Gbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6799b3ca9ef7d6f1-FRA

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 115 KB
27 KB 34ms
9ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 489031b4b49cd663c247a5f37663db2cf4e30eb88d605c03d18a022cf9c06f8c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 18:03:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Jul 2021 08:31:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27719
Expires: Wed, 04 Aug 2021 19:03:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2984
date: Wed, 04 Aug 2021 17:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 04 Aug 2021 19:13:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
67 KB 61ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd6a348c6f81d3c2ddf08471924f0c841b952312b0244bd404cb100d764de238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67901
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:25 GMT

GET
H2 200 bg-ads.png
www.gazetadopovo.com.br/assets2/images/ 89 B
457 B 23ms
15ms Image
image/png 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets2/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

:path: /assets2/images/bg-ads.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 03 Jan 2021 11:10:05 GMT
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
last-modified: Wed, 30 Dec 2020 19:28:05 GMT
server: AmazonS3
age: 18428000
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: g2ukdsiDxSY3WSiz8zoWgATBuZjYnObf5dnEjBBA5PWBUR5BYKMliw==

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 23:51:51 GMT
x-content-type-options: nosniff
age: 151894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 23:51:51 GMT

GET
H3-29 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 27ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:23:25 GMT
x-content-type-options: nosniff
age: 106800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:23:25 GMT

GET
H3-29 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 19ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 120543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19300
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:09:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:34:22 GMT

GET
H3-29 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 18 KB
19 KB 22ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 20:01:36 GMT
x-content-type-options: nosniff
age: 165709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 20:01:36 GMT

GET
H3-29 200 qFdB35WCmI96Ajtm81GgY9nqxw.woff2
fonts.gstatic.com/s/overpass/v5/ 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdB35WCmI96Ajtm81GgY9nqxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19e011d9a556628501b1557416b8af87442f7baf56cd957a1561d3075c6404c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:14:00 GMT
x-content-type-options: nosniff
age: 139765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21248
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:48 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:14:00 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 39ms
25ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 847
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C6itbxq7F5I
wn: prod-exp-10-0-89-244
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6799b3cb5a734e43-FRA
expires: Wed, 04 Aug 2021 18:33:25 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2119306092&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=713556832&gjid=24671147&cid=553308644.1628100205&tid=UA-23088598-1&_gid=1759416747.1628100205&_r=1&_slc=1&z=1459219620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 5 KB
2 KB 21ms
20ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53443a132e6c72c07912a625b851218496e1d9ba9a4d410863e56fa3d53d6c65

Request headers

:path: /assets2/gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:09 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:30 GMT
server: AmazonS3
age: 83537
etag: W/"5f2db9ccbcb95f7e09d56f4ce05de9b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: 0FNKVGbMaktkD-Kr70sw2RGg_0ycQoujoaUnLZ9-Yid-uy9a-kH2vQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-23088598-1&cid=553308644.1628100205&jid=713556832&gjid=24671147&_gid=1759416747.1628100205&_u=IEBAAEAAAAAAAC~&z=609063455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 04 Aug 2021 18:03:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ 43 B
467 B 164ms
41ms Image
image/gif 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=krxstqgfq1s1j7c0&sid=1138596144857280556&loc=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&new=1&arf=0&ltm=1628100205359&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=krxstqj6wkdcx5ng&ckp=krxstqjak0n0cc6y&glb=&wsz=1600x1200
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de716.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 18:03:25 GMT
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 379
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:57:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 112ms
42ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Aug 2021 18:03:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: 0aEtzP2Rk2S0wg7cq6R4udh8Q8mqKEkn5adrXuWTpzbQ2N/l0p6fwjCRFihoM82W/z/KjkMCOFk4VHicCo1FEw==
x-fb-trip-id: 720026100
x-frame-options: DENY
date: Wed, 04 Aug 2021 18:03:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 122ms
40ms Script
application/javascript 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:53:48 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: y9WCnwNwtEjPP7d5ErWNQOg9FDGgyZqLxxR35AQWyMxMMEtb-JyaQw==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 21ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 18:03:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=44481
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H2 200 c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 13 B
409 B 120ms
37ms Script
application/javascript 13.225.84.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-2.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 00:14:18 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
last-modified: Thu, 05 Sep 2019 14:23:06 GMT
server: AmazonS3
age: 668948
etag: "8e742d11d6b24c401e35f3b516726584"
x-cache: Hit from cloudfront
x-amz-version-id: HcQ7eDLpUO0rOnZ5z49wWPmZsoIBXyGt
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 13
x-amz-cf-id: IqS6TIaK1BeF7BqVx2CPo7he2Tx_FNsL2it4rdIAnmQMA82yEk23eQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 96ms
31ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 64573
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1628100206.576155,VS0,VE0
x-served-by: cache-fra19168-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
344 B 19ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=553308644.1628100205&jid=713556832&_u=IEBAAEAAAAAAAC~&z=465276541

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 37ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=553308644.1628100205&jid=713556832&_u=IEBAAEAAAAAAAC~&z=465276541

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 411 KB
136 KB 16ms
15ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e0eea4b0b726448ca0ddb42aa528b40d85174cdc9ac8ea3343dfb6d49ecc64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn: prod-dash-10-200-67-209
last-modified: Tue, 03 Aug 2021 13:22:06 GMT
server: cloudflare
etag: W/"420676-1627996926000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=300
cf-ray: 6799b3cc7cfb4e43-FRA
expires: Wed, 04 Aug 2021 18:08:25 GMT

GET
H2 200 gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 32 KB
8 KB 15ms
14ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e1e24adeade69ad4a3db19f2e628bfd9d6f7e865fc849bfad4e51e4366c0f8b

Request headers

:path: /assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1; cX_S=krxstqj6wkdcx5ng; cX_P=krxstqjak0n0cc6y; _gcl_au=1.1.1551240172.1628100205
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:09 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:30 GMT
server: AmazonS3
age: 83537
etag: W/"2269c81d791a2aacba33f22ffbec5c13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: n5MtKL7tLAF_XEKEaraqvFVE7Pi02VdyGA85wWUROYdkW22ju-W9ng==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2119306092&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&_u=aGDAAEALAAAAAC~&jid=812923008&gjid=1401235103&cid=553308644.1628100205&uid=&tid=UA-23088598-1&_gid=1759416747.1628100205&_r=1&gtm=2wg820WSPVJF&cd1=n%C3%A3o%20logado&cd2=&z=1098882444

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1628100205527%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQKgjGzx4WyLygAAAXsSVZ8OMob_2gqDF2oNrDI8hwS...

0
156 B

400ms
188ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQKgjGzx4WyLygAAAXsSVZ8OMob_2gqDF2oNrDI8hwSWKmqupNgEGTlW7rDFDkDiopM5YEd9
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: pKP+DoMsmBZQiCNgzioAAA==

Redirect headers

date: Wed, 04 Aug 2021 18:03:26 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100205527&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQKgjGzx4WyLygAAAXsSVZ8OMob_2gqDF2oNrDI8hwSWKmqupNgEGTlW7rDFDkDiopM5YEd9
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 0qYk+YIsmBYA+4xPIysAAA==

GET
H3-29 200 343122172743779 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343122172743779?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e832a4ca2c09796fe68c689b22da0ce79be7aeb29f64d4a7494a5c13b3027e58

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73554
x-xss-protection: 0
pragma: public
x-fb-debug: 4BxrxTQqn3S5BbJLQyb3Jihm89SDgh3lCcHup1yLfXFUsEIYdesydDQgS0YxD4qZ9L4zNJpVNikEOVOTQkonXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 04 Aug 2021 18:03:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 37ms
23ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-23088598-1&cid=553308644.1628100205&jid=812923008&gjid=1401235103&_gid=1759416747.1628100205&_u=aGDAAEALAAAAAC~&z=992300209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 04 Aug 2021 18:03:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 113 KB
38 KB 17ms
17ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6afb18adf5ce274139b890ad6a6dd0534af062e38e830f77e1d8d6ad553d58b9

Request headers

:path: /assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1; cX_S=krxstqj6wkdcx5ng; cX_P=krxstqjak0n0cc6y; _gcl_au=1.1.1551240172.1628100205; _gat_UA-23088598-1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:10 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:49:11 GMT
server: AmazonS3
age: 83536
etag: W/"0a4283fd5572f813b29f8ee433d096a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: VwYUP0bcq0bv5kb6o4z7rg5xN3dPTQELvGahGlMP_ZAT4SP1vGVrgg==

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
28ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=553308644.1628100205&jid=812923008&_u=aGDAAEALAAAAAC~&z=708411525

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 29ms
25ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=553308644.1628100205&jid=812923008&_u=aGDAAEALAAAAAC~&z=708411525

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 3 KB
2 KB 140ms
132ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5efa6e0cd43d1fdd0ffc3c274b07976be9f10d7329d4af2315cd6814ca3c697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: Cp5ubxq7r5M
pragma: no-cache
wn: prod-exp-10-0-134-52
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6799b3cd6f531f3d-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
273 B 31ms
28ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d56ad054c022968f8d3348b43b7113356f7486513d2f810959de5c8946a9cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 126
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: C72ubxqJ02M
pragma
wn: prod-dash-10-0-129-144
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 6799b3cd6f004e43-FRA
expires: Wed, 04 Aug 2021 18:23:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 22ms
21ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=PageView&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&if=false&ts=1628100205686&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.2.1628100205684.585732320&it=1628100205537&coo=false&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 04 Aug 2021 18:03:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 22ms
21ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=ViewContent&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&if=false&ts=1628100205690&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.2.1628100205684.585732320&it=1628100205537&coo=false&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 04 Aug 2021 18:03:25 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/ 2 KB
2 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/?random=1628100205718&cv=9&fst=1628100205718&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68a01813e5017da2f98f2d3c6bb5100b131a9c62c5bb75f0960bde034e69011e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/ 2 KB
1 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/?random=1628100205721&cv=9&fst=1628100205721&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf43947678e53ad764224095a301d03a36880d119ecb77c398d546e85b250498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100205722&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9...
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100205722&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c...

64 B
331 B

49ms
49ms

Image
image/gif

13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100205722&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: FJvP69xBBNOO09OXlt-HmMdoJB3wuDo_GPkQNSvbr0bTbSH6rA_rpQ==

Redirect headers

date: Wed, 04 Aug 2021 18:03:25 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100205722&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
content-length: 272
x-amz-cf-id: LANegL_6bVaCESqz43pG5VpguYmca5pupn4uHOE1bKUSFVANaD42OA==

GET
H2 200 gazetadopovo-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 8 KB
2 KB 14ms
13ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e4a1bd31cc8508c37950ec2e3589143f0aa57f0910f7631920da3436f7899a5

Request headers

:path: /assets2/gazetadopovo-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1; cX_S=krxstqj6wkdcx5ng; cX_P=krxstqjak0n0cc6y; _gcl_au=1.1.1551240172.1628100205; _gat_UA-23088598-1=1; _fbp=fb.2.1628100205684.585732320; __adblocker=false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:11 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:30 GMT
server: AmazonS3
age: 83535
etag: W/"fef951f38e050457ed2af1cee9aa278b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: A13-Jze3bZwQEhFmJZmTaJqmshQ2FZlQk25Mzi20UkUSdO7JWxrQwA==

GET
H2 200 gazetadopovo-abstracts-ui-tools-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 9 KB
3 KB 15ms
14ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-ui-tools-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a4cc6b7b190718c96fb85d84e2dffb840959d15c1d208cb50f2926441c4ec44

Request headers

:path: /assets2/gazetadopovo-abstracts-ui-tools-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1; cX_S=krxstqj6wkdcx5ng; cX_P=krxstqjak0n0cc6y; _gcl_au=1.1.1551240172.1628100205; _gat_UA-23088598-1=1; _fbp=fb.2.1628100205684.585732320; __adblocker=false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:11 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:30 GMT
server: AmazonS3
age: 83535
etag: W/"b8af44dcbddc7b7a755028ce75d3b27b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: gIlFfYusc-0w9UH4HYvUNyqV-ZzyFytRQEbGQWqBNwUpIdeJMpX9iQ==

GET
H2 200 adsct
t.co/i/ 43 B
454 B 201ms
135ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 04 Aug 2021 18:03:25 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3447bfa0aea8ca990293708a41f0e1f60ed7aad63a9801594ad0c2cd17ff4b99
x-transaction: 9b13513d0534fbe8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 80 KB
17 KB 16ms
16ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f334464f79e9cc43c4033c5db75613289e84f8d63bc4b67ea0e4a94edd2c3e3b

Request headers

:path: /assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1; cX_S=krxstqj6wkdcx5ng; cX_P=krxstqjak0n0cc6y; _gcl_au=1.1.1551240172.1628100205; _gat_UA-23088598-1=1; _fbp=fb.2.1628100205684.585732320; __adblocker=false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:11 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:30 GMT
server: AmazonS3
age: 83535
etag: W/"334b8f7b148d8fc88422393269986c27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: JZL13zpE5nIg08iwgOHgw9H2FV6LPeEWIUND7PD-M5xU8Ydwse0hDQ==

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/961891575/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961891575/?random=1628100205718&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=3416976829&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/961891575/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/961891575/?random=1628100205718&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=3416976829&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/854244571/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854244571/?random=1628100205721&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=626526163&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/854244571/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854244571/?random=1628100205721&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=626526163&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 150 KB
45 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f4727f91ecc6b3c13c28d39675aaf9b82d846c20d72b8c35209b975d037d52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45575
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 20:26:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Aug 2021 18:05:42 GMT

POST
H2 200 flow1 Show response
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ 513 B
882 B 142ms
142ms XHR
application/json 13.224.193.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-58.fra2.r.cloudfront.net
Software: /
Resource Hash: c6ef59577089f988fa9d3ba7f256d079e87789b89016e367f450fb56a7de2cd4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 4da87883-637e-4dce-8928-c4d47dd8ce55
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-610ad66e-667e5e740f18497312852239;Sampled=1
x-amz-apigw-id: DjZxOEi6IAMFWog=
content-length: 513
x-amz-cf-id: jpK3OXL2RyvtbqPDnOxnS73YTWvUdz2V4X-PvlLUEtyhzSyUNfzNbg==

OPTIONS
H2 200 flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame 0
0 198ms
128ms Preflight
application/json 13.224.193.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol: H2
Server: 13.224.193.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-58.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 04 Aug 2021 18:03:25 GMT
x-amzn-requestid: 2548e890-8a1d-4f3e-9e93-73169e1d36ce
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: DjZxNHW4IAMFUag=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: JojW7kf3oQZgQp2FGdfAIF86NZx4LEHgSylv77AkOjWS-a74Fz-Rtw==

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6428
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 18:22:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Aug 2021 18:32:44 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame C434 23 KB
7 KB 75ms
74ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64f3dc6a9687e6138522dde5b7dac08fb16dc398d92933c5e8ca22225e7c6e0f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-yRtAgL7WK8dWpsU+SZSpSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-yRtAgL7WK8dWpsU+SZSpSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=452250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 04 Aug 2021 18:03:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-yRtAgL7WK8dWpsU+SZSpSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-yRtAgL7WK8dWpsU+SZSpSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=220=PKfgJC_XlN1yOdid_HxFL_OkVRofbv2UrkqtOpShdxgVhhcfT4EUmEr5NJJpsYPf79IxzIoNz2En5dcFWuLL6-QoaMCDSvZS7pLZYjhIMdQLB8JAXrnVQqagWZ3E_M8Brc7FKOmdklumATKoNTN9y0H2lzK_6o4ef8GaBwtDEfk; expires=Thu, 03-Feb-2022 18:03:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 13ms
13ms Other
image/svg+xml 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Aug 2021 18:19:41 GMT

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/ 2 B
58 B 90ms
90ms Fetch
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame C434 21 KB
6 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6428
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 18:22:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Aug 2021 18:32:44 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5m... Frame C434 155 KB
55 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3199ef85204442ae5b8e3c54d29219fbb17ccd70d3e7d94f62a2750c587ab8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55752
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 01:54:19 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame C434 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 04:42:04 GMT
x-content-type-options: nosniff
age: 134481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 04:42:04 GMT

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame C434 36 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5611e6db97c3e4e3652ec5ca7e4e4bad163d8956ccff61353fd884ee8256935d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13311
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 05:51:15 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame C434 99 KB
34 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L.B1.O/am=BQII/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5xfgG6OneDf3VOLIqC5dYMosE7Vw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c06e14fbbce575d2ff577427ee9cfc81e3f3facd531ab0cd51a0c89d0e6eb5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34391
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 05:51:15 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame C434 284 B
232 B 36ms
36ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-7965524553443296683&bl=boq_subscribewithgoogleclientserver_20210729.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=72207&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b918f240e09115bf35974e4c4e2effdc67ede9431f53ce813c134dfe1dc04d9c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame C434 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L.B1.O/am=BQII/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5xfgG6OneDf3VOLIqC5dYMosE7Vw/m=Wt6vjf,_latency,FCpbqb,WhJNk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d72714ff5d9fd247eb1d6ae5aa6bb5d0fdd931225f31b43a7bd0fe08f22ae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7298
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 05:51:15 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

POST
H2 200 log Show response
play.google.com/ Frame C434 131 B
661 B 37ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:26 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame C434 131 B
154 B 29ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
14ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 04 Aug 2021 18:03:26 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 18:03:26 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame C434 131 B
154 B 32ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 31ms
13ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 04 Aug 2021 18:03:26 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 18:03:26 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame C434 131 B
154 B 32ms
17ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 29ms
13ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 04 Aug 2021 18:03:26 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Aug 2021 18:03:26 GMT
cache-control: private

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 17ms
16ms Ping
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4XlKVWhWzFMWmUXQ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 04 Aug 2021 18:03:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H2 200 / Show response
events-api.gazetadopovo.com.br/register/ 1 KB
2 KB 580ms
580ms XHR
application/json 13.225.87.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-59.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 9936119f0861cd17f5005fda05bf0ee2ad1dedc3a12bb2aa56fe4d30c56d83c0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
etag: W/"4b5-r6Q6WbGqhbWxclKx/n3yNcnn9Rw"
x-amzn-remapped-content-length: 1205
x-amzn-remapped-date: Wed, 04 Aug 2021 18:03:27 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: DjZxWFbKIAMFnBA=
content-length: 1205
x-amzn-requestid: afd5bc1d-7356-43f2-a4d6-9cfffed4f6c8
x-amzn-trace-id: Root=1-610ad66e-3215fb4b640590503a1f3dfd;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 6UiPbqGN2-FsrsQh5r6QpcdjASw5v7lQgdSDNCZKxYFR0qoOTK4IpQ==
x-amzn-remapped-connection: close

OPTIONS
H2 200 /
events-api.gazetadopovo.com.br/register/ Frame 0
0 389ms
312ms Preflight
application/json 13.225.87.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Protocol: H2
Server: 13.225.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-59.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 04 Aug 2021 18:03:26 GMT
x-amzn-requestid: 81a779dd-4b53-4b77-b426-d99bc95909b6
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: DjZxTEeJIAMFt0Q=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: d_jorX9fKExyfJf2-ghJW_yYEeT20_lJDArRUScREFQwdLSUQLJvZA==

GET
H2 200 44-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 9 KB
3 KB 14ms
13ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/44-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd3784364ad5522e5e796e06bb7fbae3812e49246bab7d41873a85e4e41c5494

Request headers

:path: /assets2/44-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1; cX_S=krxstqj6wkdcx5ng; cX_P=krxstqjak0n0cc6y; _gcl_au=1.1.1551240172.1628100205; _gat_UA-23088598-1=1; _fbp=fb.2.1628100205684.585732320; __adblocker=false; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQlE4S4X6S8OAHgsKLf55LXJErxnF2oLwZwKYev7-XMy5wosQfezsmZdi8s5cGZgf6iq_7odxC1By1_j2Gm_Co_0gFF0oO6k77yzvyzzBoPR8_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; __pvi=%7B%22id%22%3A%22v-2021-08-04-20-03-25-615-tnbSfCeNsIEymXcS-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100205816%7D; xbc=%7Bjzx%7DHVOi1xz3x_EzizgzPyFOrzRHe0lABNz_MxIkVfIUf0Kft7-P-3VvQi5UNKDgFb0oQFnAKsiuZ6w25mTB-xkVhaHGUXum4j1SR2uDcg6G1DSMngAv4uoz3rCiveX-UeJ70iteBXT3v-8TLYTjVk9UEXK62mGgSSoc8yWLdgPBRwRf6-XreTACDJRwtuhkPQWnvnTwqVq9RlM4rY29jGaj6is2nye560E432IqGv-agGd8owswtgGmq9IfvKmSNkdtp2sA9RR0vrbiZaIgBPUnG2TgU4C_nlKasTYoGpzBeOrln4a47z-ryg-syJjUABIOEIQdUpG-dKbo37D6E8NaKA; GPSDK_SESID=; GPSDK_TKTID=us-east-1_5aa0f9b5-e853-4e36-bc93-1b815b3d3b41
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:54 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:25 GMT
server: AmazonS3
age: 83493
etag: W/"454dd586dbf20623f05394ac4a101394"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: -3IyLgGM29R0r6VBwsItI_ShhcTnDALC9guCNJ_XtN9HW6S1bjiQ7w==

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 125ms
123ms Ping
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=izBe3CQ7pu&tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQlE4S4X6S8OAHgsKLf55LXJErxnF2oLwZwKYev7-XMy5wosQfezsmZdi8s5cGZgf6iq_7odxC1By1_j2Gm_Co_0gFF0oO6k77yzvyzzBoPR8_ClXXX7wZd7xhwozNxHCCQ&time_spent=%7B%22active%22%3A0%2C%22total%22%3A0%7D&scroll=%7B%22max_page_height%22%3A1584%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&pageview_id=2021-08-04-20-03-25-612-LzCxJ2cVkEyCBuUM-330ea30e72119ebbd43761c5de6ac6b9&visit_id=v-2021-08-04-20-03-25-615-tnbSfCeNsIEymXcS-330ea30e72119ebbd43761c5de6ac6b9
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

POST
H3-29 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
3 KB 122ms
121ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d28d7541b9a3bf966c69b33cafc46858ac709f93a2f7ff6db717f0c2e8148f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id: Cq5ubxq1R4I
pragma: no-cache
wn: prod-exp-10-0-140-225
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6799b3d0fd131f3d-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 / Show response
events-api.gazetadopovo.com.br/register/ 1 KB
2 KB 356ms
356ms XHR
application/json 13.225.87.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-59.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 9512e31d91b96c28a7c39e9bb2910d4403cb6a7c54050f73797c629847d3e7f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
etag: W/"5b2-jS7qO2pGDWy2KC/XbmGjhhddkiM"
x-amzn-remapped-content-length: 1458
x-amzn-remapped-date: Wed, 04 Aug 2021 18:03:26 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: DjZxVE6-IAMF2CQ=
content-length: 1458
x-amzn-requestid: bd7c7649-0c04-4988-84e0-e997ef43afcb
x-amzn-trace-id: Root=1-610ad66e-448ea6fd727ecb3465330010;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 3a40y5_p1w23I2SjZ2eUPTW4eNyHVp1tw3jexo_AVLhbAp1YSaXFmg==
x-amzn-remapped-connection: close

OPTIONS
H2 200 /
events-api.gazetadopovo.com.br/register/ Frame 0
0 137ms
136ms Preflight
application/json 13.225.87.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Protocol: H2
Server: 13.225.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-59.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 04 Aug 2021 18:03:26 GMT
x-amzn-requestid: e75a17ad-e6cb-460d-aee2-3dfe711cad9f
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: DjZxSFG6IAMFQhg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 03K09UXOSKxrrYU_KsFjnF2PohvJs5GDASwbW-TGt8o7xQ-Awo6j_Q==

GET
H2 200 3-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 3 KB
2 KB 14ms
14ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/3-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36ce2f56a0234145bce79d270a65b4727b7552d35fa55b368396a67a446d3544

Request headers

:path: /assets2/3-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
cookie: _ga=GA1.3.553308644.1628100205; _gid=GA1.3.1759416747.1628100205; _gat=1; cX_S=krxstqj6wkdcx5ng; cX_P=krxstqjak0n0cc6y; _gcl_au=1.1.1551240172.1628100205; _gat_UA-23088598-1=1; _fbp=fb.2.1628100205684.585732320; __adblocker=false; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQlE4S4X6S8OAHgsKLf55LXJErxnF2oLwZwKYev7-XMy5wosQfezsmZdi8s5cGZgf6iq_7odxC1By1_j2Gm_Co_0gFF0oO6k77yzvyzzBoPR8_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; GPSDK_SESID=; GPSDK_TKTID=us-east-1_5aa0f9b5-e853-4e36-bc93-1b815b3d3b41; __pnahc=0; __pvi=%7B%22id%22%3A%22v-2021-08-04-20-03-25-615-tnbSfCeNsIEymXcS-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100206231%7D; xbc=%7Bjzx%7Dp11O0pbV_k9ixtS1kGyLH0PnnaLbSQQSPgQbYOJ4qke_au5WJJDev6uG7PypaNAoIEkiB-5g61RxSW0PjDGWT8RdDbyzoOenA2XwjQ-GBrKakHT00O-Se02047Fp81ZPgoOgutWczPmtGTx0Z4zlmzc9OWz-XjbrS69_tPRxneCklUdM0P8bYI1A3zvr7KDtK5dYSwBW2L9AIzRdLLOmI3MnP39UxJ0vkXpkUCGYs_XMUa7MavQhoOZfUwkuPnrT-4K-Jbaq7Rz0BpbTjPye44h5nBAyqUj9D3cbIW9yaK7Hwnz-EKi8WwP4Z1A2IQzNB7wUrbeXSLJHR7_39BR08A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:54 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:23 GMT
server: AmazonS3
age: 83493
etag: W/"8789f89477348694faff59a4e4c94855"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: VwtjtEiemUl_r5XKJ_3no7SCbT_jh8hJySZJIPntO82ACQtwTw2iBw==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 558ms
525ms XHR
application/json 2600:9000:2190:e000:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:e000:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront), 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Wed, 04 Aug 2021 18:03:27 GMT
x-amz-cf-pop: ZRH50-C1, ZRH50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: DjZxZHigoAMF4Pw=
content-length: 4
x-amzn-requestid: d2fb0a34-8190-4f16-b973-7ba542289771
x-amzn-trace-id: Root=1-610ad66e-6d370b7b568b3140203816d8;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: V9j_v7ZDh7sojBLgAwIaqNrw0vJsPd__YvMhLQpueOD2iso4_D5tVg==
x-amzn-remapped-connection: close

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 347ms
308ms Preflight
application/json 2600:9000:2190:e000:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:2190:e000:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Wed, 04 Aug 2021 18:03:26 GMT
x-amzn-requestid: a1be4870-49a2-480e-85c3-ac9584f68866
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: DjZxUEEmoAMF40g=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront), 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1 ZRH50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: WMQoXcX2xkstnMaGgbN2FV-anwJKy08l5yrjGFvTt9Dgxu7nGMEjug==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 218ms
143ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 04 Aug 2021 18:03:26 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5b2e7277d8e5e4c9bd67b288c7021d492ade19e584b168e9cc4fc4fa67378797
x-transaction: d816d1708c18d46c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 92 KB
17 KB 22ms
22ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab5d63b413f24a29f71f927e08dc2fe273d8c030f950fc86d688ea6581c40ea5

Request headers

:path: /assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:30 GMT
server: AmazonS3
age: 83353
etag: W/"86c3788a7d1cbdff7e7449f4b7ef7c25"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: aVIwjkQr3uAJoPmzS1dc41YZB2djWlS4Ru7egw9te6rUMk-6vfUJuw==

GET
H2 200 48-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 6 KB
3 KB 47ms
46ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/48-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72d63bb117f888da85cb08b700f022e15fe6b95939fd004206d22fcafcf86d53

Request headers

:path: /assets2/48-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:12 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:26 GMT
server: AmazonS3
age: 83535
etag: W/"680ab336258d81906e426f0d57629032"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: 9t7loBvk6w1TuC2uYNjd7vDNzeT-HuZOAOCaIyyDVHWi0embDS4IOA==

GET
H2 200 45-gaz-fbb8faf49a90cf57193d97978a255a4d.js Show response
www.gazetadopovo.com.br/assets2/ 24 KB
5 KB 14ms
13ms Script
application/javascript 2600:9000:2190:da00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/45-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:da00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3262a5735cbb61a4137ddb4781a55189be1f1bad2f091411986f426f508453b3

Request headers

:path: /assets2/45-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/login.php/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 18:51:54 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 18:48:26 GMT
server: AmazonS3
age: 83493
etag: W/"867649086964d639f8e0654c61d422c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: U5HNi5iZnBg0obpk8lImdFDmS8Qzt-c6bPEl2k8sjFMC9kRDnfk2LQ==

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 164 KB
30 KB 50ms
16ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 3d7e425a0f28d5e070d757bb01547a42ca1217a7f0ccd84fdecd852c189bb028

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:57:22 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 19:44:11 GMT
server: marrakesh 1.16.6
age: 364
etag: 7d7a54f8c4b8e909e88af7bea859b0d1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 30271
x-amz-cf-id: MzSeg-kQrUtLIZZ6Fm-fUXtJxlUTLWNZ_v2_jjeQK3cM61g9X5oSqw==
expires: Wed, 04 Aug 2021 18:57:22 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 058D 197 B
690 B 76ms
37ms Document
text/html 2600:9000:20eb:e000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /mercurio.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Fri, 07 May 2021 13:45:52 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 04 Aug 2021 18:00:07 GMT
expires: Wed, 04 Aug 2021 18:05:17 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: syrn-jiZqwrKdaG8cz8Fm_7IW8-aL1Y5GMlx7oIvhmQ3Fg3YvFCrxA==
age: 490

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 214ms
214ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 17:51:00 GMT
server: marrakesh 1.16.6
x-amz-cf-pop: FRA2-C1
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 5277
x-amz-cf-id: PACBg_jwifCeYIHmduIYSRfbPtCAJRKG0MkNbfOdy-2brMVqf028tw==
expires: Wed, 04 Aug 2021 19:03:27 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 133 KB
18 KB 14ms
13ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: edd3570d096045162b2cb8c3e96ff6f75bd558fae92e2364cc77a9e376ebba8c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:11:17 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 01:20:09 GMT
server: marrakesh 1.16.6
age: 3130
etag: 7a1ccc3ccf3c2ed3ab92cc7d00c51bfb
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 17436
x-amz-cf-id: Gisw7f03eATo7-4iGGJsoLbTEN5TUGqFxmvvfXCKfIX-rO9tK9YUmw==
expires: Wed, 04 Aug 2021 18:11:17 GMT

GET
H2 200 gazetadopovo.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 598ms
199ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:14:25 GMT
server: marrakesh 1.16.6
etag: 3259e7f0de5880d1a62dfaa532afdb24
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6355
expires: Wed, 04 Aug 2021 19:03:27 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 6 KB
3 KB 12ms
12ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 0f13d6175409de52247fc375266b327b62589b54f0353554063fd5976bcdd0a9

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:43:25 GMT
content-encoding: gzip
last-modified: Mon, 02 Aug 2021 15:08:12 GMT
server: marrakesh 1.16.6
age: 1202
etag: 218546c9e00fe71b00820ac0a2312baf
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 2146
x-amz-cf-id: GzYHNuhlBaRIn-AiTiW17hfnTbjvd2ZPxTrFLfmpDXgMzXalB76Brw==
expires: Wed, 04 Aug 2021 18:43:25 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 591ms
199ms Script
application/javascript 2804:49c:3104:401:ffff:ffff:ffff:34
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3104:401:ffff:ffff:ffff:34 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Aug 2021 18:03:27 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Wed, 04 Aug 2021 18:03:26 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 68E8 213 B
700 B 17ms
17ms Document
text/html 2600:9000:20eb:e000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Wed, 28 Jul 2021 19:15:09 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 04 Aug 2021 18:00:07 GMT
expires: Wed, 04 Aug 2021 18:05:17 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: PQs0zeLkALSx_59r0Bbw2mpzcTc0HpLLTrtHQWu6DkmwFZDh6ZiTiA==
age: 490

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame DDBB 213 B
700 B 15ms
15ms Document
text/html 2600:9000:20eb:e000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Wed, 28 Jul 2021 19:15:12 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 04 Aug 2021 18:00:07 GMT
expires: Wed, 04 Aug 2021 18:05:17 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wNavpfj5HGsIu9ZtZ9oPTor_SwblBlgnEZXKLgRu3uKa9oaRLKcwUg==
age: 490

GET
H2 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 42ms
39ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
752 B 109ms
40ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Aug 2021 18:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Wed, 04 Aug 2021 18:03:27 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame DDBB 42 KB
9 KB 13ms
13ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:45:35 GMT
content-encoding: gzip
age: 1072
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: -j-MR3yA_ghttz3NADm6OgN_EDGVdyxpO535eXYnloiAc3gcZ2559w==
expires: Wed, 04 Aug 2021 18:45:35 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 68E8 42 KB
9 KB 12ms
12ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:45:35 GMT
content-encoding: gzip
age: 1072
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 9PBItCzCoUKQDCaJacHvyI7pTKhRnn2z8inS2k2fwnXQVhXmDtfRFQ==
expires: Wed, 04 Aug 2021 18:45:35 GMT

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 12ms
12ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:57:23 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 19:15:10 GMT
server: marrakesh 1.16.6
age: 364
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 6125
x-amz-cf-id: VTgageXTYaywrgwiLqcEmRS_sfDGi7WeqPOsCO9QLBHJaIzWuJDiXQ==
expires: Wed, 04 Aug 2021 18:57:23 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 058D 4 KB
2 KB 13ms
13ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:19:54 GMT
content-encoding: gzip
age: 2613
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: XUMwW9X6iBWdkD4nto3oq_B4uz_Vp8PFa5pwqYt4GGlExLsywg-TQg==
expires: Wed, 04 Aug 2021 18:19:54 GMT

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 13ms
12ms Script
application/javascript 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 17:57:24 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 00:30:40 GMT
server: marrakesh 1.16.6
age: 363
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 8357
x-amz-cf-id: ldNZ8IYqSvtUXkOp-wC6HbtbvR9iOArq09La3knCb1Qi918lucaKkg==
expires: Wed, 04 Aug 2021 18:57:24 GMT

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 140 B
674 B 162ms
112ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1|_channel:gazetadopovogeral:1&tK=1628100207&tM=referral&tL=referral&tN=referral&tY=3&tZ=164079180
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: b205d3a6b35828bb9b0b71e8500e21375caf29308434a48332b7bc779b8e9792

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 140

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
481 B 159ms
111ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: b16e434e1265f82976bfaaf5ad547785bab408222fde7da2dd7812913a15ff1d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 115ms
115ms Preflight
application/json 2600:9000:2190:e000:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:2190:e000:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Wed, 04 Aug 2021 18:03:27 GMT
x-amzn-requestid: 51995af0-fe1a-4f7b-aab6-fa0c0dbfcfc5
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: DjZxaHmUIAMFvvA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront), 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1 ZRH50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 0xPC6XQxKyNi8tgsutFIn2pW3dBJy3TDTZods0YRAylhdyZ4y6aYWA==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 322ms
322ms XHR
application/json 2600:9000:2190:e000:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:e000:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront), 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Wed, 04 Aug 2021 18:03:27 GMT
x-amz-cf-pop: ZRH50-C1, ZRH50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: DjZxdHRmoAMFkYQ=
content-length: 4
x-amzn-requestid: 4e126207-168d-4f6e-ab02-eadb39e35e1f
x-amzn-trace-id: Root=1-610ad66f-622a4b7f5c2f8a0048e4e391;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: P99bApfn1OXWe_A1gcRwEGXKUopurRfDGtLRlMhlInepBQiRLxaV0A==
x-amzn-remapped-connection: close

POST
H2 200 / Show response
www.umdoisesportes.com.br/cookie-exchanger/ 4 B
1 KB 180ms
147ms XHR
application/json 2600:9000:20eb:f000:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f000:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront), 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Wed, 04 Aug 2021 18:03:27 GMT
x-amz-cf-pop: FRA2-C2, FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: DjZxcE3GIAMFpNg=
content-length: 4
x-amzn-requestid: 1642ebce-7272-4a81-8898-cf42545c8069
x-amzn-trace-id: Root=1-610ad66f-12c3de4f6bd9e0b24e51c298;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: b8PuE0vyiOSvumrOLaGqeJW8bb7WvNEq_ZXObuc2MwRNC19lM-lNPw==
x-amzn-remapped-connection: close

OPTIONS
H2 200 /
www.umdoisesportes.com.br/cookie-exchanger/ Frame 0
0 153ms
120ms Preflight
application/json 2600:9000:20eb:f000:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:20eb:f000:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Wed, 04 Aug 2021 18:03:27 GMT
x-amzn-requestid: 2bdf900d-a69f-4ded-96e5-d3c542b0a0d3
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: DjZxaF6moAMFR4g=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront), 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2 FRA2-C1
x-cache: Miss from cloudfront
x-amz-cf-id: yMCwKjamhGkJ5Fm9amjfakoWfS4hBvwbq-0sBMSHO_9L-4Z1l3qBOQ==

GET
H2 200 collect.js Show response
100026685.collect.igodigital.com/ 9 KB
2 KB 316ms
110ms Script
application/javascript 23.21.180.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://100026685.collect.igodigital.com/collect.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.180.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 17:14:05 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
373 B 110ms
110ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 b Show response
b.t.tailtarget.com/ 144 B
585 B 112ms
112ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007F6FD60A61B30675B2023D4219&tX=b.52&tZ=680649436&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 1072335d833c70a3e7a62b5a0e53709d220a2943f1c6e6e65d897fbc63db7f94

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
354 B 115ms
115ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=879322076&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: f7bee5984a0bef7ec564d1ba75bfd587cb41841da4b335feb646f4bd55ad8d5e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/100026685/ 43 B
723 B 121ms
111ms Image
image/gif 23.21.180.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/100026685/track_page_view?payload=%7B%22title%22%3A%22P%C3%A1gina%20n%C3%A3o%20encontrada%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F%22%2C%22user_info%22%3A%7B%22user_id%22%3A%22us-east-1_5aa0f9b5-e853-4e36-bc93-1b815b3d3b41%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.180.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.010287
date: Wed, 04 Aug 2021 18:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: fef2433b-7e5c-4223-9749-8664492053bc

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 111ms
109ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_paris_ile-de-france_fr_1628100207428_1495840516&tJ=&tQ=gazetadopovo,gazetadopovogeral&tU=0100007F6FD60A61B30675B2023D4219&tX=b.52&tY=1&tZ=854868226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gazetadopovo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2986
date: Wed, 04 Aug 2021 17:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 04 Aug 2021 19:13:41 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

42ms
42ms

Script
application/javascript

13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:01:32 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: 4hBwKydmHbLioydv8GfwehwvTBo0-N-e7h3fKcY2fIeRQk72mSrgsw==

Redirect headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: HwLcXqA_X0qLq38fn6jl6fAhd1pAQ8vxrjOADvfipxd4wthWm-C4ng==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2119306092&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GjAAEALAAAAAC~&jid=1595928898&gjid=1529362630&cid=553308644.1628100205&tid=UA-97689914-251&_gid=288982894.1628100208&_r=1&_slc=1&cd1=Parceiros&cd2=Gazeta%20do%20Povo&cd3=Gazeta%20do%20Povo&cd11=normal&cd4=553308644.1628100205&cd66=1628100207654.yrupy5tp&cd85=none&cd87=none&cd88=none&z=380363211

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-97689914-251&cid=553308644.1628100205&jid=1595928898&gjid=1529362630&_gid=288982894.1628100208&_u=6GjAAEALAAAAAC~&z=1887437801

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 04 Aug 2021 18:03:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-97689914-251&cid=553308644.1628100205&jid=1595928898&_u=6GjAAEALAAAAAC~&z=1834825869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-97689914-251&cid=553308644.1628100205&jid=1595928898&_u=6GjAAEALAAAAAC~&z=1834825869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Aug 2021 18:03:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1628100207749&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c8=P%C3%A1gin...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1628100207749&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c8=P%C3%A1gi...

64 B
330 B

49ms
49ms

Image
image/gif

13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1628100207749&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: BdQfc74zdZFjTUGQ3ho1AyTOUdH0zXcsQMEJA-KHDx3HafzIu0hHJg==

Redirect headers

date: Wed, 04 Aug 2021 18:03:27 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1628100207749&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
content-length: 300
x-amz-cf-id: uQaGrycMDdMXmlvEhNlCOO7DKolBIq1L7e5J4QjbpFJGpvcRPNHfXA==

OPTIONS
H2 200 /
events-api.gazetadopovo.com.br/register/ Frame 0
0 314ms
313ms Preflight
application/json 13.225.87.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Protocol: H2
Server: 13.225.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-59.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 04 Aug 2021 18:03:37 GMT
x-amzn-requestid: 1e508fc1-c027-491a-8ed6-1af4820f5d1f
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: DjZzAFz1oAMF0mQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: l8VpSf6c8gaQ_DPPBZ4Hk64y8NDRYjpu-AKLs1UUs81U9HL3vBE1cA==

POST
H2 200 /
events-api.gazetadopovo.com.br/register/ 1 KB
2 KB 377ms
377ms XHR
application/json 13.225.87.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-59.fra2.r.cloudfront.net
Software: / Express
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Aug 2021 18:03:37 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
etag: W/"4c2-BKgv9XEET2eVwYBG8TmfGeVOtUM"
x-amzn-remapped-content-length: 1218
x-amzn-remapped-date: Wed, 04 Aug 2021 18:03:37 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: DjZzDFjgIAMFoHg=
content-length: 1218
x-amzn-requestid: d0e5ff4b-24ce-4464-98a0-50344789385c
x-amzn-trace-id: Root=1-610ad679-6aa2bd7b132ed9c17eb225e6;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: AiawpmjiGyzWed0fZqt4X3aB5ibaqiGALCeua8urEs8N64TNagM8_Q==
x-amzn-remapped-connection: close

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gazetadopovo.com.br/login.php/(Line 26) Message: [object Object]
console-api	log	URL: https://www.gazetadopovo.com.br/login.php/(Line 69) Message: adad
console-api	log	URL: https://www.gazetadopovo.com.br/login.php/(Line 70) Message: null
console-api	log	URL: https://www.gazetadopovo.com.br/login.php/(Line 72) Message: alterou state
console-api	log	URL: https://www.gazetadopovo.com.br/login.php/(Line 73) Message: interactive
console-api	log	URL: https://www.gazetadopovo.com.br/login.php/(Line 75) Message: PAGE-STATUS interactive 20 3 25
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js(Line 1) Message: abstracts gazetadopovo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100026685.collect.igodigital.com
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
analytics.twitter.com
api-v3.tinypass.com
b.t.tailtarget.com
buy.tinypass.com
cdn.onesignal.com
cdn.privacytools.com.br
cdn.tinypass.com
comcluster.cxense.com
connect.facebook.net
d335luupugsy2.cloudfront.net
events-api.gazetadopovo.com.br
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mcasproxy.azureedge.net
me.jsuol.com.br
news.google.com
nova.collect.igodigital.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
sb.scorecardresearch.com
scdn.cxense.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
www.facebook.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.us3.cas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.npttech.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
104.244.42.133
104.244.42.195
108.174.10.14
13.224.193.58
13.224.96.92
13.225.84.2
13.225.87.59
151.101.12.157
172.217.18.98
178.63.12.208
216.58.212.162
23.21.180.34
2600:9000:20eb:6c00:6:9eb2:5cc0:93a1
2600:9000:20eb:e000:6:5b96:3f00:93a1
2600:9000:20eb:f000:1d:7626:ce40:93a1
2600:9000:2190:da00:6:45ad:3580:93a1
2600:9000:2190:e000:13:9bf5:7100:93a1
2606:4700:20::ac43:442e
2606:4700:3032::ac43:c0b6
2606:4700::6811:b8b1
2606:4700::6812:e134
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2804:49c:3101:401:ffff:ffff:ffff:50
2804:49c:3104:401:ffff:ffff:ffff:34
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9c
2a02:26f0:1700:d::1737:6e9b
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2bf::268b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.102.185.99
40.81.121.140
018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a4cc6b7b190718c96fb85d84e2dffb840959d15c1d208cb50f2926441c4ec44
0e275872784212de73a7a1b0385a96c63311aa5f67cbad7b654b813fa18f5408
0f13d6175409de52247fc375266b327b62589b54f0353554063fd5976bcdd0a9
1072335d833c70a3e7a62b5a0e53709d220a2943f1c6e6e65d897fbc63db7f94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19e011d9a556628501b1557416b8af87442f7baf56cd957a1561d3075c6404c7
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1d28d7541b9a3bf966c69b33cafc46858ac709f93a2f7ff6db717f0c2e8148f0
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
2f4727f91ecc6b3c13c28d39675aaf9b82d846c20d72b8c35209b975d037d52f
3199ef85204442ae5b8e3c54d29219fbb17ccd70d3e7d94f62a2750c587ab8d2
3262a5735cbb61a4137ddb4781a55189be1f1bad2f091411986f426f508453b3
36ce2f56a0234145bce79d270a65b4727b7552d35fa55b368396a67a446d3544
3d72714ff5d9fd247eb1d6ae5aa6bb5d0fdd931225f31b43a7bd0fe08f22ae9c
3d7e425a0f28d5e070d757bb01547a42ca1217a7f0ccd84fdecd852c189bb028
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
489031b4b49cd663c247a5f37663db2cf4e30eb88d605c03d18a022cf9c06f8c
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4d56ad054c022968f8d3348b43b7113356f7486513d2f810959de5c8946a9cec
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53443a132e6c72c07912a625b851218496e1d9ba9a4d410863e56fa3d53d6c65
5611e6db97c3e4e3652ec5ca7e4e4bad163d8956ccff61353fd884ee8256935d
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5e0eea4b0b726448ca0ddb42aa528b40d85174cdc9ac8ea3343dfb6d49ecc64f
5efa6e0cd43d1fdd0ffc3c274b07976be9f10d7329d4af2315cd6814ca3c697a
64f3dc6a9687e6138522dde5b7dac08fb16dc398d92933c5e8ca22225e7c6e0f
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68a01813e5017da2f98f2d3c6bb5100b131a9c62c5bb75f0960bde034e69011e
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6afb18adf5ce274139b890ad6a6dd0534af062e38e830f77e1d8d6ad553d58b9
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5
6e4a1bd31cc8508c37950ec2e3589143f0aa57f0910f7631920da3436f7899a5
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
72d63bb117f888da85cb08b700f022e15fe6b95939fd004206d22fcafcf86d53
73698026d281acc624d216dbe0764fb1a112445a968f117ebeb7b5b838dc0b81
740fbabd0511aa9be95dea5dccbc3bb04325f5cf98b849a3586038a3a654c9be
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7749a7cd38d6c818181e5ec08c8d90b099454ff1cf8a43e056eff4f343c8a348
7f3f434e7a8458ef0f1e9ebbb6d18c6c42a36c86073ea1fc3ec7347b663dcd95
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734
84c30a59a914fdcdbbe927861e998a8015ac565e2df0cbff708bccea1ac80347
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
9512e31d91b96c28a7c39e9bb2910d4403cb6a7c54050f73797c629847d3e7f1
9761ffdfaabec51f7265f41428ff8cde47c3a82a3a9630862e055b7ebd39eb1b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9936119f0861cd17f5005fda05bf0ee2ad1dedc3a12bb2aa56fe4d30c56d83c0
9c57b4195a9511416da7d06f703db7696145bfb9acb4904383f3725dd6208457
9e1e24adeade69ad4a3db19f2e628bfd9d6f7e865fc849bfad4e51e4366c0f8b
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
ab5d63b413f24a29f71f927e08dc2fe273d8c030f950fc86d688ea6581c40ea5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16e434e1265f82976bfaaf5ad547785bab408222fde7da2dd7812913a15ff1d
b205d3a6b35828bb9b0b71e8500e21375caf29308434a48332b7bc779b8e9792
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b918f240e09115bf35974e4c4e2effdc67ede9431f53ce813c134dfe1dc04d9c
bf43947678e53ad764224095a301d03a36880d119ecb77c398d546e85b250498
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c06e14fbbce575d2ff577427ee9cfc81e3f3facd531ab0cd51a0c89d0e6eb5b1
c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c6ef59577089f988fa9d3ba7f256d079e87789b89016e367f450fb56a7de2cd4
cd3784364ad5522e5e796e06bb7fbae3812e49246bab7d41873a85e4e41c5494
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
dd6a348c6f81d3c2ddf08471924f0c841b952312b0244bd404cb100d764de238
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e832a4ca2c09796fe68c689b22da0ce79be7aeb29f64d4a7494a5c13b3027e58
edd3570d096045162b2cb8c3e96ff6f75bd558fae92e2364cc77a9e376ebba8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b
f334464f79e9cc43c4033c5db75613289e84f8d63bc4b67ea0e4a94edd2c3e3b
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f7bee5984a0bef7ec564d1ba75bfd587cb41841da4b335feb646f4bd55ad8d5e
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

www.gazetadopovo.com.br Open in urlscan Pro 2600:9000:2190:da00:6:45ad:3580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

67 %IPv6

32 Domains

49 Subdomains

41 IPs

6 Countries

1300 kBTransfer

3964 kBSize

0 Cookies

62 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:2190:da00:6:45ad:3580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

67 %
IPv6

32
Domains

49
Subdomains

41
IPs

6
Countries

1300 kB
Transfer

3964 kB
Size

0
Cookies

136 HTTP transactions
0 data transactions